I think its desirable from the point of view of intuitiveness. To give you an example, I rarely need to consult the JDOM javadocs because everything is so intuitive. This is A Good Thing.
As for it being a security risk, its still stored in a string in the binary, and so is trivially locatable. Over the wire, it'll be transmitted in exactly the same manner. Regards, Oli On Tue, 2006-05-09 at 09:25 +0200, Schölver, Andreas wrote: > Is a clear text password really desirable or is it a security issue? > > Andreas > > > -----Original Message----- > > From: Martin Redington [mailto:[EMAIL PROTECTED] > > Sent: Monday, May 08, 2006 11:56 PM > > To: [email protected] > > Subject: Re: HTTP Authentication again > > > > > > > > I think I was one of the original complainers about this (Hi Danny), > > back in the day. > > > > This is definitely desirable, imho ... > > > > On 8 May 2006, at 17:07, Danny Angus wrote: > > > > > Here is another one.. > > > > > > ---------- Forwarded message ---------- > > > From: Marek 'MMx' Ludha <[EMAIL PROTECTED]> > > > Date: 02-Mar-2006 20:41 > > > Subject: HTTP Authentication again > > > To: [email protected] > > > > > >> I also tried to put username and password into URL, like > > >> config.setServerURL(new URL("http://admin:[EMAIL PROTECTED]:8080/ > > >> resource")); > > >> but this sent request with no authentication information at all. > > >> Therefore I want to ask if I am doing something wrong or > > what is the > > >> recomended way to authenticate. > > > > > > > >
