Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Last revision Both sides next revision
documentation:latest:applications:authbasic [2016/03/09 20:55]
xguimard
documentation:latest:applications:authbasic [2017/11/20 15:00]
xguimard Spelling errors
Line 15: Line 15:
 <​html></​blockquote></​html>​ <​html></​blockquote></​html>​
  
-So HTTP Basic Autentication ​is managed trough an HTTP header (''​Authorization''​),​ that can be forged by LL::NG, with this precautions:​+So HTTP Basic Authentication ​is managed trough an HTTP header (''​Authorization''​),​ that can be forged by LL::NG, with this precautions:​
   * Data should not contains accents or special characters, as HTTP protocol only allow ASCII values in header (but depending on the HTTP server, you can use ISO encoded values)   * Data should not contains accents or special characters, as HTTP protocol only allow ASCII values in header (but depending on the HTTP server, you can use ISO encoded values)
   * You need to forward the password, which can be the user main password (if [[..passwordstore|password is stored in session]], or any user attribute (if you keep secondary passwords in users database).   * You need to forward the password, which can be the user main password (if [[..passwordstore|password is stored in session]], or any user attribute (if you keep secondary passwords in users database).