O'Reilly logo

Head First Servlets and JSP, 2nd Edition by Bert Bates, Bryan Basham, Kathy Sierra

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Summary of Authentication types

This table summarizes key attributes of the four authentication types. “Spec” refers to whether this type of authentication mechanism is defined in the HTTP spec or the J2EE spec. (Hint: you’ll need to remember this table when you take the exam.)

Type

Spec

Data Integrity

Comments

BASIC

HTTP

Base64 - weak

HTTP standard, all browsers support it

DIGEST

HTTP

Stronger - but not SSL

Optional for HTTP and J2EE containers

FORM

J2EE

Very weak, no encryption

Allows a custom login screen

CLIENT-CERT

J2EE

Strong - public key, (PKC)

Strong, but users must have certificates

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required