In the context of an HTTP transaction, the basic access authentication is a method designed to allow a web browser, or other client program, to provide credentials – in the form of a user name and password – when making a request.
| Property | Value |
|---|
| p:abstract
| - In the context of an HTTP transaction, the basic access authentication is a method designed to allow a web browser, or other client program, to provide credentials – in the form of a user name and password – when making a request.
Before transmission, the username and password are encoded as a sequence of base-64 characters. For example, the user name Aladdin and password open sesame would be combined as Aladdin:open sesame – which is equivalent to QWxhZGRpbjpvcGVuIHNlc2FtZQ== when encoded in Base64. Little effort is required to translate the encoded string back into the user name and password, and many popular security tools will decode the strings "on the fly".
Wrongly, people believe that this base-64 encoding is done because of security, to prevent it from being read directly by a person. Encoding is done, instead, to avoid breaking the HTTP protocol data encoding because of bizarre (and more secure) passwords containing special HTTP characters, such as newlines.
The basic access authentication was originally defined by RFC 1945 (Hypertext Transfer Protocol – HTTP/1.0) although further information regarding security issues may be found in RFC 2616 (Hypertext Transfer Protocol – HTTP/1.1) and RFC 2617 (HTTP Authentication: Basic and Digest Access Authentication). (en)
- L'identification (ou authentification) HTTP (spécifiée par [RFC 2617]) permet de s'identifier auprès d'un serveur HTTP en lui montrant que l'on connaît le nom d'un utilisateur et son mot de passe, afin d'accéder aux ressources à accès restreint de celui-ci. (fr)
- Basic認証(ベーシックにんしょう、Basic Authentication)とは、HTTPで定義される認証方式の一つ。
Basic認証では、ユーザ名とパスワードの組みをコロン ":" で繋ぎ、Base64でエンコードして送信する。このため、盗聴や改竄が簡単であるという欠点を持つが、ほぼ全てのWebサーバおよびブラウザで対応しているため、広く使われている。
盗聴や改竄を防ぐため、後にDigest認証というユーザ名とパスワードをMD5でハッシュ化して送る方法が考えられた。 (ja)
|
| p:hasPhotoCollection
| |
| p:reference
| |
| p:wikipage-fr
| |
| p:wikipage-ja
| |
| rdfs:comment
| - In the context of an HTTP transaction, the basic access authentication is a method designed to allow a web browser, or other client program, to provide credentials – in the form of a user name and password – when making a request. (en)
- L'identification (ou authentification) HTTP (spécifiée par [RFC 2617]) permet de s'identifier auprès d'un serveur HTTP en lui montrant que l'on connaît le nom d'un utilisateur et son mot de passe, afin d'accéder aux ressources à accès restreint de celui-ci. (fr)
- Basic認証(ベーシックにんしょう、Basic Authentication)とは、HTTPで定義される認証方式の一つ。 (ja)
|
| rdfs:label
| - Basic access authentication (en)
- HTTP Authentification (fr)
- Basic認証 (ja)
|
| skos:subject
| |
| foaf:page
| |
| p:disambiguates
| |
| p:redirect
| |
![[RDF Data]](http://dbpedia.org/statics/sw-cube.png)
