The basic authentication
Some websites will allow user credentials to be passed on to the authenticating web server via fields reserved for this purpose in the HTTP request itself. This is referred to as basic authentication and can be configured either with user input or more commonly through preconfigured profiles implemented in client-side scripts or browser plugins. While this seems like something a little too easy to attack, when done right, the mechanism is typically protected by TLS encryption, and entities are both leveraging certificates to provide even greater certainty. This is quite commonly used in Application Programming Interfaces (APIs) and corporate Intranet applications used by operators and support staff, and some mobile ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access