File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes authentication types Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "authentication types" Watch "authentication types" New topic

authentication types

Steven Colley
Ranch Hand

Joined: Feb 18, 2005
Posts: 290
Hi folks, again

I got the following sentences in HFSJ (page 648).

- DIGEST - "stronger"
- Client Cert - "Strong"

But some mocks i got that "CC" would be stronger than "DIGEST", because it�s encrypted and DIGEST only uses MD5 encode...

What is teh correct answer?


SCJP | SCWCD | SCBCD | SCWSD 5 | SCEA (I) 1.4 | SCEA 5 | IBM SOA 669
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
It wouldn't have occurred to me to compare the two in terms of strength, as they do different things. I wouldn't say "something is only MD5 encoded". MD5 is not an encoding, not even a cipher, but a hash. Once something has been run through MD5, the contents can not be recovered.

Maybe what's meant here is that the crypto method of digests (one-way) is stronger than the one used with CCs (which I think is based on encryption, and thus two-way). But I'd consider the authentication provided by CCs to be stronger than the one provided by a digested password.
Gab Buda

Joined: Mar 25, 2006
Posts: 24
If we put the things in their context, they say that "BASIC" is weak and "DIGEST" is stronger (compared to BASIC); they don't say "DIGEST" is the strongest of all. That's what I understood.

hope this helps

SCJP 1.4 (85%)<br />SCWCD 1.4 (94%)
I agree. Here's the link:
subject: authentication types
jQuery in Action, 3rd edition