Basic Authentication
Basic authentication requires users to provide a user name and password to access the server. Basic authentication is the default setting. You must create and store a list of users and groups in an LDAP database, such as the Oracle Directory Server Enterprise Edition, or in a file. You must use a directory server installed on a different server root than your Proxy Server, or a directory server installed on a remote computer.
When users attempt to access a resource that has User-Group authentication, users are prompted to provide a user name and password. The server receives this information encrypted or unencrypted, depending on whether encryption is turned on for your server (SSL is enabled).
Note –
Using Basic authentication without SSL encryption sends the user name and password in unencrypted text across the network. The network packets could be intercepted, and the user name and password could be pirated. Basic authentication is most effective when combined with SSL encryption, Host-IP authentication, or both. Using Digest authentication eliminates this problem.
If the authentication is successful, the user sees the requested resource. If the user name or password is invalid, the system issues a message denying access.
You can customize the message received by unauthorized users. For more information, see Responding When Access Is Denied.
- © 2010, Oracle Corporation and/or its affiliates