[OTDev] A note on A&A
chung chvng at mail.ntua.grSat Sep 11 16:07:48 CEST 2010
- Previous message: [OTDev] DateTime Format in Web Services
- Next message: [OTDev] A note on A&A
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Dear All, For the time, there are two basic ways for a client to provide authentication credentials to a server: providing a token URI in the URL of the request (e.g. http://server.com/service?tokenid=XXX ) or alternatively providing its username and password in the URL like http://server.com/service?username=XXX&password=YYY. (The latter is good for testing but not that safe). Maybe there should be a third option: the use of the HTTP header Authorization For example: Authorization : USERNAME:PASSWORD or Authorization : TOKENID_URL_ENCODED This is a W3C recommendation for servers that require authentication. You can get more details at http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.8 Best regards, Pantelis
- Previous message: [OTDev] DateTime Format in Web Services
- Next message: [OTDev] A note on A&A
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Development mailing list