HTTPAuth 免费编辑 添加义项名

1. Basic Access Authenticati来自on

the credentials are pass欢机距质灯密ed as plaintext and could be intercepted easily.

这个凭据是作为明文被发送并且可以被轻松的截取

360百科To prevent the user name and password being read 怀去营再卷婷尔烧八历directly by a pers布转动资蒸讲啊温on, they are encoded as a sequence of 级扬里局事曾划base-64 chara观单获cters before transmission.

为了防止用户的账号密码被别人读取，这些数据在传输前被室分电班活易编码成 base-64格式 编码序列

examp九次学伯投翻门以每作其le:

例如

Client request (no authentication):

客户端(浏览器)请求(没有认证)

GET /private/index.html HTTP/1.0

数据传输方式(GET) 请求文件的url

Host: localhost

主机地址:ip地址

Server response:

服务器 响应:

HTTP/1.0 401 Unauthorised

请求协议 状态码 状态(没有权限)

Server: SokEvo/1.0

服务器:服务器资帝画互节后化教代号

Date: Sat, 27 Nov 2004 10:18:15 GMT

时间

WWW-A握范uthenticate: Basic real束m="SokEvo"

3W验证 :基本环境

Content-Type: tex染饭批春迅顶阻临固双热t/html

文件类型 : html text

Content-应办些Length: xxx

文件长度

下面是具体其带坚求内容html文档

<HTML>

<HEAD>

<TITLE>Error</TITLE>

</HEAD>

<BODY><H1>401 Unauthorised.</H1></BODY>

</HTML>

Client request (user name "Aladd德并货么鸡画重in", password "open sesame")升剂千无日乐孔握裂:

GET /private误车领段年翻军别缩队岩/index.html HTTP/1.0

Host: localhost

Auth工牛orization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

认证码

Ser问存款何修ver response:

HTTP/1.0 200 OK

Server: SokEvo/1.0

Date: Sat, 27 Nov 2004 10:19:07 GMT

Content-Type: text/html

Content-Length: 10476

2. D手想飞等黑掉费细走igest Access Authentication

摘要访问认证

user identity to be established securely without having to send a passw队最座ord in plaintext over the network. Digest authent袁换支图倍他五并十ication is basically an application of MD5 cryptographic hashing with usage of nonce values to prevent cryptanalysis.

用户认证安全的不用通过网络发送明文密码。摘要认证是基于MD5加密应用 通过散列的随机士掌西款尔模病究观雷数值的事用以防止密码被分析

example:

Client r完围冲木战胡抗局办哪延equest (no authentication):

GET /dir/index.html HTTP/1.0

Host: loc鲁刘知陈alhost

Server response:

HTTP/1.0 401 Unauthorised

Server: SokEvo/0.9

Date: Sun, 10 Apr 2005 20:26:47 段精普而兴预载深培GMT

WWW-Authen脸训支ticate: Digest r城ealm="testrealm@host.com", qop="aut后答跑目木h,auth-int", nonce="dcd98b7102dd2f茶行李动0e8b11d0f600持翻免政河操节害实集胡bfb0c093", opaque="5ccc069c403ebaf9f0171e9517f40e41"

MD5加密认证

Content-Type: text/html

Content怎器燃军-Length: xxx

<HTML>

<HEAD>

<TITLE>Error</TITLE>

</HE吸够明部AD>

<BODY><H1>401 Unauthor皇ised.</H1></BODY>

</HTML>

Cli七微场做矛打活妒举谁ent reque儿送st (user name "Mufasa", pas握娘sword "Circle Of Life"):

GET /dir/index弱于稳初员.html HTTP/1.0

Host: localhost

Authorization: Digest username="Mufa倒道采稳路架情稳sa",

认证 摘要 用户名=

realm=te承strealm@host.com,

领域=

nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",

随机数

uri="/dir/index.html",

访问路径

qop=auth,

占刘爱绝示烧升之评nc=0000000航周座班停职只逐声够1,

cnonce="0a4f113b",

r块各量坐深政即束爱普esponse="6629fae49393a05397450978507c4ef1",

响应

opaque="5ccc069c403ebaf9f0171若运紧斯断全物如紧低e9517f40e41"

Server response:

HTTP/1.0 200 OK

Server: SokEvo/0.9

Date: Sun, 10 Apr 2005 20:27:03 GMT

Content-Type: text/html

Content-Length: 7984