File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Authentication" Watch "Authentication" New topic


deepa raj
Ranch Hand

Joined: Jul 25, 2008
Posts: 124
Which authentication mechanism is recommended to be used only if cookies or SSL session tracking is in place?

Ans : Form based.

Explanation :
Form based login session tracking can be difficult to implement, therefore a separate session tracking mechanism is recommended.

can you explain this?
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
Using basic (or digest) authentication, the credentials (username/password) are transmitted from the browser to the server with each HTTP request (this happens in the HTTP headers). It is thus not necessary to set cookies to identify the client.

Form authentication, on the other hand, only transmits the credentials once (when the login form is submitted). For the server to recognize the client on subsequent requests, some kind of session or cookie is necessary.
deepa raj
Ranch Hand

Joined: Jul 25, 2008
Posts: 124
What about CLIENT-CERT authentication ?
Baddy Davay

Joined: Aug 10, 2008
Posts: 26
CLIENT_CERT requires always to have a public certiticate key in the client side.So The way client-cert works is fully different than this username/password based authentication.
deepa raj
Ranch Hand

Joined: Jul 25, 2008
Posts: 124
if so ,
from HFSJ
What it means ?

CLIENT-CERT also will use pop-up form to get username and password.

is this true ?
Joy Mukherjee
Ranch Hand

Joined: Aug 10, 2008
Posts: 62
Client-Cert means you have to send the certificate to the server.
Its doesn't open up any popup screen like BASIC or DIGEST by default.

B.Tech (E.E),IIT Kharagpur<br />SCJP 5.0<br />SCWCD 5.0<br />PMP
Consider Paul's rocket mass heater.
subject: Authentication
It's not a secret anymore!