Talk:HTTPS/Authenticated: Difference between revisions

Content added Content deleted

Inline

Revision as of 21:16, 9 May 2009

What's it all about?

What does “authentication” mean here anyway? (This was by me. —Dkf 21:16, 9 May 2009 (UTC))

It looks like it's using standard HTTP authentication over an SSL tunnel. HTTP natively supports auth without cookies or login forms. It's not widely used. --Short Circuit 22:13, 8 May 2009 (UTC)

If only it was not widely used. Our intranet is infested with it. Still, it's about the best we can do without webscraping (can't count on all login forms to work the same way...) Bad challenge really. Or we could adjust the overall challenge to request demonstrating both this way and also via having the client present a certificate that the server understands (which means wrestling with the nastiness that is SSL configuration). —Dkf 21:16, 9 May 2009 (UTC)

@@ Line 1: / Line 1: @@
 ==What's it all about?==
-What does “authentication” mean here anyway?
+What does “authentication” mean here anyway? ''(This was by me. —[[User:Dkf|Dkf]] 21:16, 9 May 2009 (UTC))''
 : It looks like it's using standard HTTP authentication over an SSL tunnel.  HTTP natively supports auth without cookies or login forms.  It's not widely used. --[[User:Short Circuit|Short Circuit]] 22:13, 8 May 2009 (UTC)
+:: If only it was not widely used. Our intranet is infested with it. Still, it's about the best we can do without webscraping (can't count on all login forms to work the same way...) Bad challenge really.  Or we could adjust the overall challenge to request demonstrating both this way and also via having the client present a certificate that the server understands (which means wrestling with the nastiness that is SSL configuration). —[[User:Dkf|Dkf]] 21:16, 9 May 2009 (UTC)