Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
Using custom Digest authentication
Message
De
11/09/2012 07:50:03
Viv Phillips
Hay-On-Wye, Royaume Uni
 
 
À
10/09/2012 17:20:06
Michel Fournier
Level Extreme Inc.
Petit-Rocher, Nouveau-Brunswick, Canada
Information générale
Forum:
Internet
Catégorie:
Sécurité
Titre:
Re: Using custom Digest authentication
Divers
Thread ID:
01552652
Message ID:
01552699
Vues:
34
>>Does that mean you are using 'Basic' authentication?
>>AFAICS, that means everything should go over HTTPS - something we want to avoid........
>
>No, https is not required for enabling a cookie.

Not required - but less secure without ?

>Basic authentication is also not in place as this would require to use a pre-defined database setup to be able to negotiate with that or intercept at high level the HTTP layer to validate against your own database with your actual application.

Don't you have to authenticate before issuing the cookie IAC ?
Précédent
Suivant
Répondre
Fil
Voir

Click here to load this message in the networking platform