Basic authentication within SSL connection is actually pretty secure, but not very user-friendly. For instance, digest authentication is actually less secure, because it forces you to store passwords in plaintext. Form authentication, like everything inside the webpage, is better be left to a layer above the web server. If you don't like basic authentication, you probably need to implement authentication as part of your Tomcat application. -- With Best Regards, Marat Khalili --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|