WingNews logo WingNews
top | item 8284909

(no title)

easel | 11 years ago

The advantage is particularly that you don't have to use basic auth. Basic auth in a browser context is more or less a non-starter. The browser's basic auth implementation will take over and provide a generally poor, uncontrollable user experience.

For server-to-server authentication, there is less to recommend this, although it does allow services to authenticate without having to check a credential against a data store someplace.

discuss

order

jimktrains2|11 years ago

Which is sad, otherwise things like SRP could have become built in as well.

I guess you could could kludge it into a form with a method="SRP" and have the browser do it's thing with the username and password field.