[erlang-questions] web authentication

Garrett Smith g@REDACTED
Mon Jul 11 19:16:03 CEST 2011

On Fri, Jul 8, 2011 at 11:20 PM, Jon Watte <jwatte@REDACTED> wrote:

> 2) Use Basic-auth over HTTP -- this sends name and password,
> base-64-encoded.

This is surely a typo. You can't say "HTTP" and expect people to read

For simple web auth, I routinely use basic auth, but only ever over
HTTPS. This doesn't work however if you need to control sessions or
let users log out. It's just a quick and dirty way to control who can
see what.


More information about the erlang-questions mailing list