Re: [Juglist] HttpServletRequest.getRemoteUser() and Http Authentication

Erik Hatcher Fri, 09 Apr 2004 23:34:19 -0700

and we could even remove the techno talk altogether. form-based authentication is prevalent because it simply makes for a better user experience. form based over ssl in the case of more secure scenarios, and of course digital certificates and biometrics at the edges.

"basic" authentication is simply too basic and clunky to be mainstream, not to mention unsecure by default.

On Apr 9, 2004, at 10:53 PM, Christopher L Merrill wrote:

Richard O. Hammer wrote:
Do very few Java web apps use HTTP-based authentication because it so flaky as to be almost useless for any serious application?
IMO, yes.  This is not limited to java-based web apps.  We see
a lot of different types of apps (JSP, ASP, Cold Fusion, Oracle,
etc) from our customers and HTTP-based auth is pretty rare.
-- ----------------------------------------------------------------------- -- Chris Merrill | http://www.webperformanceinc.com Web Performance Inc. | http://www.webperformancemonitoring.net

Website Load Testing, Stress Testing, and Performance Monitoring Software ----------------------------------------------------------------------- --
_______________________________________________
Juglist mailing list
[EMAIL PROTECTED]
http://trijug.org/mailman/listinfo/juglist_trijug.org

_______________________________________________
Juglist mailing list
[EMAIL PROTECTED]
http://trijug.org/mailman/listinfo/juglist_trijug.org

Re: [Juglist] HttpServletRequest.getRemoteUser() and Http Authentication

Reply via email to