Stack Overflow
Stack Overflow

Questions tagged [basic-authentication]

Basic authentication is a method for a web browser or other client program to provide a user name and password when making a request.

Basic authentication was introduced with RFC1945 (HTTP/1.0) and is historically the first mechanism for authenticating at the HTTP layer level. Relying on base64 encoding, it is considered from the beginning as weak and unsecure, but it has a legitimate use on trusted connections (either on encrypted tunnels such as SSL, or unencrypted on a closed network).

Mechanism description :

When challenged by an HTTP server sending a WWW-Authenticate header with a realm challenge, the HTTP client must send a new request including an Authorization header containing the user's credentials encoded in base64.

The user credentials can be stored on the HTTP server itself, or on a remote system such as LDAP.

3320 questions
38
votes
5 answers

How to display the Authentication Challenge in UIWebView?

I am trying to access a secure website through UIWebView. When I access it through safari, i get an authentication challenge but the same does not appear in my UIWebView in the application. How can I make it appear? Any pointers, sample code or…
UVT
  • 521
  • 1
  • 4
  • 9
37
votes
1 answer

How do I get basic auth working in angularjs?

How can I get basic auth working in AngularJs? I've googled and the resources aren't working for me. I'm very new to AngularJS
Daniel Kaplan
  • 62,768
  • 50
  • 234
  • 356
36
votes
4 answers

Making a HTTP GET request with HTTP-Basic authentication

I need to build a proxy for a Flash Player project I'm working on. I simply need to make a HTTP GET request with HTTP-Basic authentication to another URL, and serve the response from PHP as if the PHP file was the original source. How can I do this?
Naftuli Kay
  • 87,710
  • 93
  • 269
  • 411
34
votes
3 answers

ASP.net Web API RESTful web service + Basic authentication

I'm implementing a RESTful web service using ASP.Net Web Api. I have concluded to use Basic authentication + SSL to do the authentication part. What is the best/correct way to implement that? My first attempt was to do it manually, parsing the…
alfoks
  • 4,324
  • 4
  • 29
  • 44
33
votes
3 answers

Selenium Chrome 60 Headless Handle Basic Authentication SAML Dialog over HTTPS

Chrome 59 removed support for https://user:password@example.com URLs. I have a C# selenium test that needs to work with Chrome Version 60 on Windows in 'headless' mode ChromeOptions options = new…
Ian Ceicys
  • 471
  • 4
  • 8
33
votes
2 answers

In Spring-Security with Java Config, why does httpBasic POST want csrf token?

I am using Spring-Security 3.2.0.RC2 with Java config. I set up a simple HttpSecurity config that asks for basic auth on /v1/**. GET requests work but POST requests fail with: HTTP Status 403 - Invalid CSRF Token 'null' was found on the request…
shawnim
  • 580
  • 1
  • 6
  • 11
31
votes
3 answers

Cookies vs Basic Auth

Why almost all websites out there are using cookies instead of basic auth? It can't be only that the user/pass window is ugly and none of them is more secure. They are both insecure (without https).
loxs
  • 1,476
  • 1
  • 12
  • 27
30
votes
1 answer

What does php's CURLOPT_USERPWD do

I was wondering what CURLOPT_USERPWD is actually doing to the url, header or data of a request. Is it INSTEAD OF the Authorization: Basic or does it work along side this? Is it modifying the url to…
Dominic
  • 62,658
  • 20
  • 139
  • 163
29
votes
4 answers

HTTP Client based on NodeJS: How to authenticate a request?

This is the code I have to make a simple GET request: var options = { host: 'localhost', port: 8000, path: '/restricted' }; request = http.get(options, function(res){ var body = ""; res.on('data', function(data) { body…
João Pinto Jerónimo
  • 9,586
  • 15
  • 62
  • 86
29
votes
5 answers

Apache basic authentication except for those Allowed

Problem: I have some files under /var/www/files/ that I want them to be accessed from specific IP addresses WITHOUT requiring user/password. However, I would like that any other IP address SHOULD require login to gain access. This is in my…
lepe
  • 24,677
  • 9
  • 99
  • 108
29
votes
4 answers

Adding Basic Authorization for Swagger-UI

I have currently deployed a swagger project but I am having trouble adding some basic authorization to it. Currenty when you click on the "Try it out!" button you are required to log in to an account to access the results. I have an account that I…
Zack Herbert
  • 942
  • 1
  • 16
  • 39
29
votes
2 answers

How do I use window.fetch() with httpOnly cookies or basic auth

I'm playing around with window.fetch() in Firefox and Chrome. For some reasons, fetch() doesn't send any cookies. Now that wouldn't be a problem, as I can send them using fetch('/something', { headers: { Cookie: document.cookie } }) But this won't…
Damian Senn
  • 1,135
  • 1
  • 9
  • 13
28
votes
3 answers

JQuery Ajax calls with HTTP Basic Authentication

I have a REST based server which I am trying to communicate with using JQuery. Both XML and JSON are available as response formats, so I am using JSON. The connections are all SSL so HTTP Basic Authentication has been our authorization method of…
Dylan
  • 281
  • 1
  • 3
  • 3
27
votes
3 answers

Authentication with WKWebView in Swift

In my iOS app, I would like to use a WKWebView to wrap an external URL in the application. This URL requires basic authentication (it needs user and password credential, like in the following screenshot). After some investigation, I'm trying to use…
giograno
  • 1,749
  • 3
  • 18
  • 30
27
votes
3 answers

Basic Authentication With XMLHTTPRequest

I am attempting to use XMLHTTPRequest to get an update on twitter. var XMLReq = new XMLHttpRequest(); XMLReq.open("GET", "http://twitter.com/account/verify_credentials.json", false, "TestAct", "password"); XMLReq.send(null); However, using my…
x1a0
  • 456
  • 3
  • 7
  • 8
1 2 3
99 100