aspose file tools*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes http authentication methods Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "http authentication methods" Watch "http authentication methods" New topic
Author

http authentication methods

vani venkat
Ranch Hand

Joined: Nov 21, 2006
Posts: 142
hi
which authentication methods are http. I know that Basic authentication is http. client-cert is https. so it does not come as http. how about digest and form. are these j2ee authentication mechanisms?


SCJP 1.4, SCWCD 1.5
Marco Ehrentreich
best scout
Bartender

Joined: Mar 07, 2007
Posts: 1280

Hi Vani,

there are not much more HTTP authentication methods besides HTTP basic and digest authentication. There are some rare forms like NTLM (LAN manager) and Kerberos authentication which are more or less Windows specific. Maybe a login via login form can be considered HTTP authentication, too. In my opinion authentication with SSL/TLS certificates is HTTP authentication as well just with an additional encryption layer.

Marco
vani venkat
Ranch Hand

Joined: Nov 21, 2006
Posts: 142
hi Marco
does that mean all four(b) ofasic digest, client-cert and form them are http authentication mechanisms? I see some questions asking which of them are http authentication methods.
Marco Ehrentreich
best scout
Bartender

Joined: Mar 07, 2007
Posts: 1280

Hello Vani,

I guess the term "HTTP authentication" is simply too blurry here. Some people use it as a synonym for HTTP BASIC authentication, others will mean one or more of the methods I wrote in my last post. I personally would consider them all HTTP authentication mechanisms because we're talking here about applications which are based on the HTTP/HTTPS protocol. Technically this isn't 100% correct because SSL/TLS for example communicates directly over TCP and is therefore one network layer below HTTP(S). In contrast in RFC 2617 only HTTP basic and digest authentication are discussed.

So in my opinion the "correct" answer surely depends on the context and people you're talking to! Sorry that I can't give you a perfect answer but I think there even is no strict definition of "HTTP authentication" in general.

Marco
vani venkat
Ranch Hand

Joined: Nov 21, 2006
Posts: 142
thanks marco, i will try to get the exact question next time. after reading your reply, i am a bit doubtful about question.
Marco Ehrentreich
best scout
Bartender

Joined: Mar 07, 2007
Posts: 1280

It wasn't my intention to confuse you even more

If we're talking about exam question, well that's another thing. If the authors (think they) have a strict definition for such a vague term, you will have no chance but to learn the right answer - regardless whether it makes much sense or not. But I wouldn't worry too much about such subtle difference for "real" life ;-)

Marco
vani venkat
Ranch Hand

Joined: Nov 21, 2006
Posts: 142
But I wouldn't worry too much about such subtle difference for "real" life ;-)


nice.. i hope to get there some time soon.
thank you for your support.
Marco Ehrentreich
best scout
Bartender

Joined: Mar 07, 2007
Posts: 1280

You're welcome ;-)

If you'd be asking ten people this question, I'm sure you would be getting at least three or four "correct" answers. So don't worry about such details and take care of more important things!

Marco
Jim So
Greenhorn

Joined: Mar 18, 2009
Posts: 28
as i understand it. when you are asked in the mock exam questions: what are the two http authentication methods.

The answer is: HTTP basic and digest authentication
Marco Ehrentreich
best scout
Bartender

Joined: Mar 07, 2007
Posts: 1280

This makes perfect sense as these two are directly integrated into HTTP.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: http authentication methods