Re: s/key authentication for Apache on FreeBSD?

From: Brett Glass (brett_at_lariat.org)
Date: 12/14/03

  • Next message: Colin Percival: "Re: s/key authentication for Apache on FreeBSD?"
    Date: Sat, 13 Dec 2003 19:35:43 -0700
    To: bruce@nikkel.com
    
    

    At 03:15 AM 12/11/2003, bruce@nikkel.com wrote:
      
    >If the basic auth string was not included in an http request, the
    >webserver would generate a error 401 (Unauthorized). Check out RFC 2617
    >(HTTP Authentication: Basic and Digest Access Authentication).

    True. But does it authenticate again? Or merely recognize that you're
    the same person you were before and let you through?

    --Brett

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"


  • Next message: Colin Percival: "Re: s/key authentication for Apache on FreeBSD?"

    Relevant Pages

    • Re: tcl and windows authentication...
      ... For user authentication you can perhaps use something like the SASL stuff from tcllib in combination with your kerberos tokens. ... Windows has a special http api, called WinHTTP. ... // Create an HTTP request. ... strResult = WinHttpReq.ResponseText; ...
      (comp.lang.tcl)
    • Re: Performance Problems with Probing
      ... anonymous authentication to improve your Asp.net application performance. ... not force all the client customer browserto do anything. ... code parsing, Html code rendering and Html code client parsing, but not the ... HTTP request, so you may pay more attention to improve the application ...
      (microsoft.public.dotnet.framework.windowsforms)
    • Re: this is a port scan, right?
      ... The long authentication line gives it away. ... with the authentication line of an http request. ... on the open internet. ... or be running a web server, ...
      (comp.security.misc)
    • Re: this is a port scan, right?
      ... The long authentication line gives it away. ... with the authentication line of an http request. ... on the open internet. ... or be running a web server, ...
      (comp.os.linux.networking)
    • Re: [Full-disclosure] HTTP AUTH BASIC monowall.
      ... authentication because the basic auth didn't cut it for me. ... Digest access authentication verifies that both parties ... authentication protocols, the greatest sources of risks are usually ...
      (Full-Disclosure)