• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

question about authentication mechanisms

 
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
ques:
The transmission method in the Basic and FORM mechanisms is the same.
true or false?
answer is true.

I know
In Form based authentication user password is transimitted as plain text.
but Basic Authentication ise Base64 encoding.

why true?
 
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Here the password is encoded and not encrypted which is more secure than the simple base64 encoding. Form Based Authentication has the same lack of security as Basic Authentication since the user password is transmitted as plain text and the target server is not authenticated .
In the deployment descriptor of a Web application, form-based authentication does not specify the security realm, as the basic authentication mechanism does. Therefore the transport mechanism is considered the same
[ July 12, 2006: Message edited by: Kiaama Liames ]
 
reply
    Bookmark Topic Watch Topic
  • New Topic