my dog learned polymorphism
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Doubt in auth methods Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Doubt in auth methods" Watch "Doubt in auth methods" New topic

Doubt in auth methods

raja ram
Ranch Hand

Joined: Mar 02, 2008
Posts: 169

Are all the four of them supported by all the browsers ?

1.Basic : HTTP Spec :Weak assword is encoded using base64
2.Digest : HTTP Spec : Stronger assword is encrypted
3.Client-Cert : J2EE-Spec : Strong assword and data both encrypted on HTTPS
4.Form : J2EE-Spec :Very Weak assword is sent as a text

[ November 06, 2008: Message edited by: raja ram ]
Christophe Verré

Joined: Nov 24, 2005
Posts: 14688

You'll find the answer in the servlets specification, SRV.12.5 Authentication.

[My Blog]
All roads lead to JavaRanch
raja ram
Ranch Hand

Joined: Mar 02, 2008
Posts: 169
I did went through Spec,But nothing Explicitly said about browser support.

Sandeep Bhandari
Ranch Hand

Joined: Apr 16, 2004
Posts: 201
Spec is not concerned about the million of browsers in the market.

Check the browser for encryption and stuff.

SCJP 96% | SCWCD 90%| SCJP mock exams | My SCJP blog
Lakshmi Narayanan
Ranch Hand

Joined: Apr 29, 2008
Posts: 58
BASIC, FORM and CLIENT-CERT supported by all browsers

Read this

Thanks<br />Lakshmi<br />SCJP 1.4 - 90%<br />SCWCD 5 - 89%
Deepak Jain
Ranch Hand

Joined: Aug 05, 2006
Posts: 637
Digest Authentication is not currently in widespread use, servlet
containers are encouraged but not required to support it.

I agree. Here's the link:
subject: Doubt in auth methods
It's not a secret anymore!