HTTP Authentication and
Form based authentication
HTTP Authentication could be Basic Access Authentication and Digest Access Authentication .
Let us understand Basic Access Authentication ,
Suppose there is a resource linux.pdf located on http://linuxmantra.com/res/linux.pdf
Client send standard HTTP request for the resource.
Now if the res/linux.pdf is a protected resource, then the response from the server could be as below
HTTP/1.1 401 Authorization Required
WWW-Authenticate: Basic realm=”linuxmantrasafe”
Keep-Alive: timeout=25, max=75
Authorization: Basic c7dhc3A6cGFbf3dvcmQ=
In above example c7dhc3A6cGFbf3dvcmQ= is base64 encoded value of loginame+password.