HTTP – Authentication

Rodzaje: Basic, Digest, Bearer (OAuth 2.0), HOBA (HTTP Origin-Bound Authentication), Mutual, AWS4-HMAC-SHA256

Serwer WWW

HTTP/1.1 401 Unauthorized
WWW-Authenticate: Basic realm="Access to staging site"

Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l

HTTP/1.1 403 Forbidden       lub  HTTP/1.1 200 OK

Proxy

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="Access to internal site"

Proxy-Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l

HTTP/1.1 403 Forbidden      lub HTTP/1.1 200 OK

Basic Authentication – dane uwierzytelniające przesyłane są w formie zakodowanej base64(user:md5(password)) –  YWxhZGRpbjpvcGVuc2VzYW1l

.htaccess – plik konfiguracyjny

AuthType Basic
AuthName "Access to the staging site"
AuthUserFile /path/to/.htpasswd
Require valid-user

.htpasswd – dane logowania – username:MD5(passwd)

aladdin:$apr1$ZjTqBB3f$IF9gdYAGlMrs2fuINjHsz.
user2:$apr1$O04r.y2H$/vEkesPhVInBByJUkXitA/

 

 

https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication