aspose file tools*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes authentication types Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "authentication types" Watch "authentication types" New topic
Author

authentication types

Steven Colley
Ranch Hand

Joined: Feb 18, 2005
Posts: 290
Hi folks, again

I got the following sentences in HFSJ (page 648).

- DIGEST - "stronger"
- Client Cert - "Strong"


But some mocks i got that "CC" would be stronger than "DIGEST", because it�s encrypted and DIGEST only uses MD5 encode...

What is teh correct answer?

Tks.


SCJP | SCWCD | SCBCD | SCWSD 5 | SCEA (I) 1.4 | SCEA 5 | IBM SOA 669
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39549
    
  27
It wouldn't have occurred to me to compare the two in terms of strength, as they do different things. I wouldn't say "something is only MD5 encoded". MD5 is not an encoding, not even a cipher, but a hash. Once something has been run through MD5, the contents can not be recovered.

Maybe what's meant here is that the crypto method of digests (one-way) is stronger than the one used with CCs (which I think is based on encryption, and thus two-way). But I'd consider the authentication provided by CCs to be stronger than the one provided by a digested password.


Ping & DNS - updated with new look and Ping home screen widget
Gab Buda
Greenhorn

Joined: Mar 25, 2006
Posts: 24
If we put the things in their context, they say that "BASIC" is weak and "DIGEST" is stronger (compared to BASIC); they don't say "DIGEST" is the strongest of all. That's what I understood.

hope this helps
Gabb


SCJP 1.4 (85%)<br />SCWCD 1.4 (94%)
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: authentication types
 
Similar Threads
What is called optional authentication type?
object ref types trip me up all the time
APOP .. ?
Synchronized method to get md5 digest
manning's question about AUTHENTICATION mechanisms