Stack Overflow
Stack Overflow

Questions tagged [http-authentication]

HTTP authentication is a method for a HTTP user agent to provide a user name and a certain proof confirming the user's identity when making a request. Various proofs define different HTTP Authentication methods, e.g. basic, forms, digest, or others.

622 questions
31
votes
8 answers

HTTP Basic Authentication with HTTPService Objects in Adobe Flex/AIR

I'm trying to request a HTTP resource that requires basic authorization headers from within an Adobe AIR application. I've tried manually adding the headers to the request, as well as using the setRemoteCredentials() method to set them, to no…
Bob Somers
  • 7,266
  • 5
  • 42
  • 46
30
votes
2 answers

PHP CURL returns nothing

function ParseUrl($URL) { $crl = curl_init(); curl_setopt ($crl, CURLOPT_URL, $URL); curl_setopt ($crl, CURLOPT_PORT, 8086); curl_setopt ($crl, CURLOPT_USERPWD, "admin:pass"); curl_setopt ($crl, CURLOPT_RETURNTRANSFER, 1); …
jM2.me
  • 3,839
  • 12
  • 44
  • 58
28
votes
3 answers

JQuery Ajax calls with HTTP Basic Authentication

I have a REST based server which I am trying to communicate with using JQuery. Both XML and JSON are available as response formats, so I am using JSON. The connections are all SSL so HTTP Basic Authentication has been our authorization method of…
Dylan
  • 281
  • 1
  • 3
  • 3
28
votes
1 answer

What is the delimiter for WWW-Authenticate for multiple schemes?

I've read through RFC 2617 and can't find there or anywhere else what the delimiter is if multiple schemes are supported. For example, suppose both Basic and Digest are supported. I understand that it may appear this way: HTTP/1.1 401…
Andrew Arnott
  • 80,040
  • 26
  • 132
  • 171
25
votes
5 answers

Retrofit POST request w/ Basic HTTP Authentication: "Cannot retry streamed HTTP body"

I'm using Retrofit to do a basic POST request, and I'm providing a basic @Body for the request. @POST("/rest/v1/auth/login") LoginResponse login(@Body LoginRequest loginRequest); When I'm building the interface for Retrofit I'm providing my own…
spierce7
  • 14,797
  • 13
  • 65
  • 106
24
votes
2 answers

HTTP authentication between devise and iphone app

I'm new to ruby on rails but I want to send the data from my SQlite database from my iphone app to the rails web app. Like a "sync" service. I'm using devise for authentication for the web app. I enabled basic HTTP authentication and I can curl into…
Keith Rumjahn
  • 461
  • 3
  • 8
  • 16
24
votes
3 answers

HTTP Digest Authentication versus SSL

What is the difference between HTTP Digest Authentication and SSL from a performance, security and flexibility point of view?
Gili
  • 86,244
  • 97
  • 390
  • 689
23
votes
2 answers

Gradle use certificate authentication for repository

The Problem I have a Android Gradle project which should pull a lib from my companys sonatype nexus server. The nexus server uses a certificate authentication. That means the client has a private certificate which authenticates and authorizes him…
Arne Köckeritz
  • 529
  • 1
  • 4
  • 11
22
votes
5 answers

Django: Basic Auth for one view (avoid middleware)

I need to provide http-basic-auth to one view. I want to avoid modifying the middleware settings. Background: This is a view which gets filled in by a remote application.
guettli
  • 25,042
  • 81
  • 346
  • 663
22
votes
5 answers

How can I use Basic HTTP Authentication in PHP?

I'm trying to use Basic HTTP Authentication and followed the example on the PHP manual page. But it doesn't work for me. The variable $_SERVER['PHP_AUTH_USER'] doesn't seem to be set. When a user try to log in, the user is prompted whith a new…
Jonas
  • 121,568
  • 97
  • 310
  • 388
22
votes
2 answers

Rails: Accessing the username/password used for HTTP Basic Auth?

I'm building a basic API where user information can be retrieved after that user's login and password are correctly sent. Right now I'm using something like this: http://foo:bar@example.com/api/user.xml So, what I need to do is access the…
Shpigford
  • 24,748
  • 58
  • 163
  • 252
21
votes
3 answers

Correct HTTP code for authentication token expiry - 401 or 403?

401 seems to be used to indicate an authentication failure whereas 403 for an authorization failure (which means authentication succeeded?) In case of an oauth flow if I try to authenticate with an expired token what is the right error code that…
user393144
  • 1,575
  • 3
  • 14
  • 21
19
votes
2 answers

Very simple authentication using one-time cookie on nginx

I have a site intended only for private consumption by 3 coders. It's simple HTML served by nginx directly but intended for consumption inside and outside the office. I want to have a simple password or authentication scheme. I could use HTTP auth…
Ash
  • 1,266
  • 4
  • 14
  • 24
18
votes
2 answers

Is there a maximum length for a HTTP BASIC authentication username?

Is there a maximum length for a username or password which is sent to a web application through HTTP BASIC authentication? I looked through RFC2617 and couldn't find anything obvious, but was curious and wanted to make sure. (This is all being done…
user240438
13
votes
2 answers

Basic HTTP Authentication on iPhone

I'm trying to get a small twitter client running and I ran into a problem when testing API calls that require authentication. My password has special characters in it, so when I try to use the following code it doesn't work. NSString *post =…
Meroon
  • 3,458
  • 4
  • 25
  • 29
1
2
3
41 42