Enthuware

Java Certification Resources and Java Discussion Forum
http://enthuware.com/forum/

About Question enthuware.ocejws.v6.2.228 :

http://enthuware.com/forum/viewtopic.php?f=40&t=2503

Page 1 of 1

About Question enthuware.ocejws.v6.2.228 :

Posted: Wed Apr 09, 2014 1:13 pm
by himaiMinh
How about this solution as the third example in the explanation?

Code: Select all

 @GET
 @Path("/usenamepwd")
 @Consumes("application/x-www-form-urlencoded")
  public String getUsernamePassword(@FormParam ("username") String username, @FormParam("password") String password) {
        String username = Base64.base64Decode(username);
        String password = Base64.base64Decode(password);
return username + ":"+password;
 }
The user can input the credentials using an HTML form on the browser.

Re: About Question enthuware.ocejws.v6.2.228 :

Posted: Thu Apr 10, 2014 1:57 pm
by fjwalraven
It is a nice possibility but the question is talking about Basic Authentication and where the credentials end up and how you can get to them.

Authentication is all about the web service or web application asking a user to authenticate.

Regards,
Frits

Re: About Question enthuware.ocejws.v6.2.228 :

Posted: Thu May 01, 2014 8:17 pm
by himaiMinh
Hi,
In option 3, it says "The username and password are not encrypted."
I think the client application can encrypt the credentials, and then encode them and send them over SSL.
The JAX-RS service can decode them and decrypt them.

Re: About Question enthuware.ocejws.v6.2.228 :

Posted: Thu May 01, 2014 10:52 pm
by fjwalraven
The question states: "The client is requested to authenticate by the browser (using Basic Authentication). "

There is, by default, no encryption taking place in the client when Basic Authentication is taking place. Therefore option 3 is not correct.

Regards,
Frits
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited