New Feature: Support Basic http authentication via username:password info in URL

krishnarajnairmk / im-only-resting

Automatically exported from code.google.com/p/im-only-resting

Apache License 2.0

0 stars 0 forks source link

New Feature: Support Basic http authentication via username:password info in URL #46

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

One of two approaches:
1) present dialog to enter credentials if required by the requested page
2) allow entering credentials ahead of time in some form fields

#2 has the advantage that we can persist the credentials, but has the 
disadvantage that they may introduce a security risk (storing credentials in 
plain text).

Original issue reported on code.google.com by stephen....@gmail.com on 23 Jul 2014 at 1:44

GoogleCodeExporter commented 9 years ago

Note that at this time we already are able to manually send the Authorization 
header for basic auth (i.e. Authorization: Basic <base64 encoded 
username:password>)

Original comment by stephen....@gmail.com on 7 Sep 2014 at 2:31

GoogleCodeExporter commented 9 years ago

[deleted comment]

GoogleCodeExporter commented 9 years ago

[deleted comment]

GoogleCodeExporter commented 9 years ago

We are limiting the scope of this issue to just translating username:password 
info in the url into the Authorization header with Basic <base64 encoded 
username:password> value. i.e. the following URL

Aladdin:open sesame@example.com

will send the following http request header

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

(per the wikipedia example: 
http://en.wikipedia.org/wiki/Basic_access_authentication)

responding to 401 challenges will be done in a separate issue.

Original comment by stephen....@gmail.com on 7 Sep 2014 at 2:43

GoogleCodeExporter commented 9 years ago

Original comment by stephen....@gmail.com on 7 Sep 2014 at 3:37

Added labels: Milestone-Release1.3.0