0

I have a restful api I want to access, and my app has its own login form. I want to use those credentials every time I try to access my rest resources. The problem is, since I´m using HTTP Digest, every time I send the 401 Unauthorized header, an ugly browser-specific login form will pop. How do I override this? How do I pass the username and password to the Digest Auth without using the default form? Not sure if my question is specific enough...

Guj Mil
  • 333
  • 4
  • 16

1 Answers1

-2

Just specify login and password in the url in the form of

http://username:password@domain/url
zerkms
  • 249,484
  • 69
  • 436
  • 539
  • I actually tried this and is working fine, thanks, but now I have a question: This means that I have to store the raw username and password when the user first logs in, in order to call my rest resources like this: http://username:password@domain/resource; isn't this a flaw in the security? – Guj Mil Aug 12 '12 at 07:46
  • @Guj Mil: you need to have username and passwords in plaintext when you perform the request. Temporarily between requests you may have them encrypted – zerkms Aug 12 '12 at 10:50