HTTP Basic Authentication
- It is the simplest most commonly used type of authentication.
- it has introduced in Http 1.1 specification and every web server by default provides support for this.
Process of basic authentication:
- Browser sends a request to the server at this time browser donâ€™t know whether the requested resource is secure or not. Hence it sends a normal http request.
- server obsers that the requested resource is secure hence instead of sending the required response it will send 401 status code saying it requires authentication.
- By seeing 401 status code browser opens a dialog box prompting for user name and password.
- Once the user enters user name & pwd browser re sends the request with user credentials.
- Once server got the request, it validates the user name & pwd. If they are valid server sends 401 status code again.
Advantages of basic Authentication:
- It is very easy to implement and set up.
- All browsers and web servers can provide support for this
- user name & password is sending in plain text form ( base-64 encoding) from client to server. Hence the security is very less in this authentication.
- We can’t change look and feel of dialog box.