HTTP Basic Authentication: The username and password are sent to the server without any encryption.
HTTP Digest Authentication: A hash function is applied to the password before it is sent. So more secure than Basi
HTTPS: HTTP + SSL. SSL encrypts all information going over network.
Do I need Digest authentication if already using SSL?
No, following explaination on stack overflow explains
http://stackoverflow.com/questions/11923607/do-you-still-need-to-use-digest-authentication-if-you-are-on-ssl
Other SSL resources
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html#Introduction_to_SSL
HTTP Digest Authentication: A hash function is applied to the password before it is sent. So more secure than Basi
HTTPS: HTTP + SSL. SSL encrypts all information going over network.
Do I need Digest authentication if already using SSL?
No, following explaination on stack overflow explains
http://stackoverflow.com/questions/11923607/do-you-still-need-to-use-digest-authentication-if-you-are-on-ssl
Other SSL resources
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html#Introduction_to_SSL
No comments:
Post a Comment