Auth_basic plain password in html

All,

I have setup aut_basic on my nginx webserver, whenever I authenticate
the username and password are send as plain text via the html request
from my webbrowser, is there an easy solution for this? Or should I
switch to the non default nginx_http_auth_digest module?

Thanks,

Tom

On Thu, Jun 11, 2015 at 11:07:57AM +0000, de Brouwer Tom (ST-CO/ENG5.1)
wrote:

Hi there,

I have setup aut_basic on my nginx webserver, whenever I authenticate the
username and password are send as plain text via the html request from my
webbrowser, is there an easy solution for this?

HTTP Basic Authentication is effectively plain text between the browser
and the server.

The way to make that not easily readable is to wrap it in tls - so run
a https service instead of a http service.

Or should I switch to the non default nginx_http_auth_digest module?

The other option is not to use HTTP Basic Authentication; HTTP Digest
Authentication is probably the most familiar alternative for common
browsers.

f

Francis D. [email protected]

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs