Use HTTP Form Authentication

Single sign-on authentication is the preferred mechanism for deploying HDR and HDR-based web applications.

When single sign-on is not configured, we recommend using HTTP form authentication rather than HTTP basic authentication. With HTTP basic authentication, each client call to the web application performs login validation at least two times: once to determine if the client has permissions to access the web resource, and again during HDR API calls. With HTTP form authentication, the HTTP login form displays upon the first web access, and an HTTP cookie transparently authenticates the user.