How to use authentication
types of authentication Figure 21-6 presents three common types of authe
Form-based authentication
- Allows the developer to code a login form that gets the username and password.
- Allows the developer to only request the username and password once per session.
- By default, it doesn’t encrypt the username and password before sending them to the server.
Basic authentication
- Causes the browser to display a dialog box that gets the username and password.
- Requires the browser to send the username and password for every protected page.
- By default, it doesn’t encrypt the username and password before sending them to the server.
Digest authentication
- Causes the browser to display a dialog box that gets the user name and password.
- Encrypts the username and password before sending them to the server.
Description
- Since basic authentication and form-based authentication don’t automatically encrypt the username and password before sending them to the server, these types of authentication are typically used over a secure connection.
- Since digest authentication isn’t as secure as using a secure connection, it isn’t used as often as basic authentication or form-based authentication over a secure connection.
Back