File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes JWebPlus ID:999984556200 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "JWebPlus ID:999984556200" Watch "JWebPlus ID:999984556200" New topic

JWebPlus ID:999984556200

Axel Janssen
Ranch Hand

Joined: Jan 08, 2001
Posts: 2164
Which of the following are correct about HTTP basic authentication mechanism?
I took: Password is passed in encrypted form.
Right answer: Password is passed as plain text.
Explanation:Basic Authentication is not a secure authentication protocol. User passwords are sent in simple base64 encoding, and the target server is not authenticated.
I think: base64 might be not secure but it is an encryption mechanism.
Am I missing something?
[ February 28, 2002: Message edited by: Axel Janssen ]
Paul Anilprem
Enthuware Software Support
Ranch Hand

Joined: Sep 23, 2000
Posts: 3635
Base64 encoding is not exactly an encryption. It's a conversion from ASCII format to Base64 format(as good as ASCII to say EBCDIC). You would not say that ASCII and EBCDIC are encryption mechanisms. Would you
Just like ASCII represents A by 65, Base64 represents it by 0.
For more info:

Enthuware - Best Mock Exams and Questions for Oracle Java Certifications
Quality Guaranteed - Pass or Full Refund!
Axel Janssen
Ranch Hand

Joined: Jan 08, 2001
Posts: 2164
For me its a question of definition of the term encryption.
Madhav Lakkapragada
Ranch Hand

Joined: Jun 03, 2000
Posts: 5040
Good to know that, Paul.
- satya

Take a Minute, Donate an Hour, Change a Life
I agree. Here's the link:
subject: JWebPlus ID:999984556200
It's not a secret anymore!