wood burning stoves 2.0*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes question about authentication mechanisms Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "question about authentication mechanisms" Watch "question about authentication mechanisms" New topic
Author

question about authentication mechanisms

shi lei
Greenhorn

Joined: Jan 17, 2006
Posts: 15
ques:
The transmission method in the Basic and FORM mechanisms is the same.
true or false?
answer is true.

I know
In Form based authentication user password is transimitted as plain text.
but Basic Authentication ise Base64 encoding.

why true?
Kiaama Liames
Ranch Hand

Joined: Jun 30, 2006
Posts: 52
Here the password is encoded and not encrypted which is more secure than the simple base64 encoding. Form Based Authentication has the same lack of security as Basic Authentication since the user password is transmitted as plain text and the target server is not authenticated .
In the deployment descriptor of a Web application, form-based authentication does not specify the security realm, as the basic authentication mechanism does. Therefore the transport mechanism is considered the same
[ July 12, 2006: Message edited by: Kiaama Liames ]

scjp 1.4<br />scwcd 1.4
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: question about authentication mechanisms