Metawerx Java Hosting Small Logo

<auth-method>

This tag specifies the authentication method for the application's security realm.

It takes four possible values:

  • BASIC - BASIC authentication, login is via a browser-specific popup login window
  • DIGEST - DIGEST based authentication, login is via a browser-specific popup login window as with BASIC, but credentials are hashed at the client end using a random value from the server, to prevent the plaintext password being sent over HTTP. This method requires the realm to be configured for MD5 in <server.xml> and a hash to be stored in the Realm. See the Tomcat Documentation for further information.
  • FORM - FORM based authentication, uses a login page specified with <form-login-page> and the user is sent to an error page specified with <form-error-page> on unsuccessful logins.
  • CLIENT_CERT - Client-side SSL certificate based authentication. The certificate is passed to the server to authenticate.

More Information

See Also

navigation
metawerx specific
search
Share
tools
help

referring pages

Share