Page 1 of 1
http authentication vs post form
Posted: Fri Mar 02, 2007 5:00 pm
by Skara
I have a really simple question that I can't seem to find an answer to.
Is http authentication more or less secure than using an html form? Do they both do the same basic thing?
Posted: Fri Mar 02, 2007 5:03 pm
by nickvd
http auth is handled by the web server (most of the time anyway) form auth would be up to the programmer to deal with.
Posted: Fri Mar 02, 2007 5:14 pm
by Mordred
From HTTP point of view, it's the same, it's done either by headers or by POST data. From the point of app programing, it's easier to manage logins in a database than in a flat file if you have lots of users. nickvd has a point though, if you need to have one admin and all other users are just guests, just put all admin stuff in a directory, and protect it with .htacess and that's it.
Posted: Sat Mar 03, 2007 11:29 am
by Skara
Ok, I didn't figure either would be much better than the other. Just curious. Thanks.