Previous wordsThe basic certification described in the previous article is convenient and flexible, but extremely unsafe. The user name and password are transmitted in clear text, and no action is taken to prevent tampering with the message. The
No authentication method
After a correct client request is sent to the server, the HTTP server returns the 200 status code and directly returns the content.
Message example:
Request:
Get. http: // 10.127.194.3: 8061/voiceobjects .....
Return
Http authentication .... BASIC:In the context of an HTTP transaction, Basic access authentication are a method for a Web browser or other client Program to provide a user name and password when making a request. [1]Before transmission, the user name
Digest access authenticationHttps://en.wikipedia.org/wiki/Digest_access_authentication
Digest access authentication is one of the Agreed-upon methods a Web server can use to negotiate credentials, suc H as username or password, with a user '
Basic authentication is convenient and flexible, but extremely unsafe. The user name and password are transmitted in clear text, and no action is taken to prevent tampering with the message. The only way to safely use Basic authentication is to use
This article transferred from: http://www.cnblogs.com/lanxiaoke/p/6357501.htmlSummary Certification Simple introductionAbstract authentication is the improvement of the basic authentication, that is, the use of abstract instead of account password,
In the previous article, we mainly discussed the use of HTTP Basic authentication method, because the way HTTP Basic authentication determines that it has a large security problem, so next look at another way to verify: Digest authentication, that
A. Basic CertificationAfter the client connects the user name and password with ":", the ciphertext is sent to the server by BASE64 encryption via the authorization request header, and each request needs to be sent repeatedly. The Basic
I. Preface
HTTP authentication is a way for Web servers to authenticate client permissions, which can provide a certain degree of security protection for Web applications. At present, some Web application projects have put forward the need to adopt
Asp. NET permission Authentication seriesAsp: Forms AuthenticationAsp: HTTP Basic Authentication (http Base)NET rights authentication: Windows authenticationAsp: Digest Authentication (digest Authentication)First, The origin of the summary
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.