httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marat Khalili <>
Subject Re: [users@httpd] Authentication options besides basic
Date Fri, 22 Dec 2017 18:07:53 GMT
Basic authentication within SSL connection is actually pretty secure, but not very user-friendly.
For instance, digest authentication is actually less secure, because it forces you to store
passwords in plaintext.

Form authentication, like everything inside the webpage, is better be left to a layer above
the web server. If you don't like basic authentication, you probably need to implement authentication
as part of your Tomcat application.

With Best Regards,
Marat Khalili

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message