HTTP Authentication

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Edmundwoods (talk | contribs) at 08:35, 8 December 2007 (Then...). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

HTTP Authentication is the built-in mechanism of the HTTP 1.x protocol for requiring a valid username or password to gain access to web resources. This mechanism can be initiated by either a CGI script or by the web server itself.

There are currently two modes of authentication built into the HTTP 1.1 protocol, termed "Basic" and "Digest" Access Authentication.

Basic Authentication transmits the username-password pair in an unencrypted form from the browser to the server and, as such, should not be used for sensitive logins unless operating over an encrypted medium such as SSL.

Digest Authentication sends the server a one-way hash of the username-password pair, calculated with a time-sensitive, server-supplied salt value.

Overview of HTTP Authentication