/ Security Zone
Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

What Is the Difference Between Site Login and HTTP Authentication?

DZone's Guide to

What Is the Difference Between Site Login and HTTP Authentication?

Read on to learn the difference between HTTP authentication and Form-based authentication, and a tool that can help to configure these protocols.

by
Nicholas Sciberras
·
May. 13, 17 · Security Zone
Free Resource

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Discover how to protect your applications from known and unknown vulnerabilities.

When configuring a target, you sometimes need to configure login details to the web application. This allows Acunetix to check the restricted areas in your web application. There are two types of authentication that can be done with a website – Form-based authentication and HTTP Authentication.

Form-based authentication is the most popular form of authentication. It is the type of authentication which is implemented in the web application and is used in popular websites such as Gmail or Facebook.
facebook-login

This type of authentication can be configured in Acunetix from the Site Login section of a Target.

site-login

On the other hand, HTTP Authentication is configured in the Web Server and is often used as an added level of security. The authentication window appears before any page is loaded, and looks like what is shown in the screenshot. Different browsers display this message differently.
http-authentication

HTTP Authentication is also supported by Acunetix and can be configured from the Target’s settings > HTTP tab > HTTP Authentication.
http-authenticatgion-settings

Find out how Waratek’s award-winning virtualization platform can improve your web application security, development and operations without false positives, code changes or slowing your application.

Like This Article? Read More From DZone

How to Set Up HTTP Authentication (Basic) With Nginx on Ubuntu 16.04
Mulesoft Basic Authentication With HTTPS
Troy Hunt’s Ultimate List of Security Links

Free DZone Refcard

Java EE Security Essentials
DOWNLOAD
Topics:
security ,authentication ,http authentication

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Published at DZone with permission of Nicholas Sciberras, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Security Partner Resources

Building Security Into Cloud Applications
CISO’s Guide to Application Security
Bring your Java apps up to date with the latest Java release with no code changes
See how the Agile Security Manifesto can help your firm build secure software in an agile way.
Take control of your risk management process by overcoming the 6 most common threat modeling misconceptions.
Software Security Testing: Blending Art and Science
Webinar: Secure your apps against a deserialization attack. It's not possible, is it?
Learn how to build secure software at enterprise scale.
Traditional Application Security Approaches Are Not Working

Security Partner Resources

Building Security Into Cloud Applications
CISO’s Guide to Application Security
Bring your Java apps up to date with the latest Java release with no code changes
See how the Agile Security Manifesto can help your firm build secure software in an agile way.
THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.linkDescription }}

{{ parent.urlSource.name }}
by {{ parent.authors[0].realName || parent.author}}
· {{ parent.articleDate | date:'MMM. dd, yyyy' }} {{ parent.linkDate | date:'MMM. dd, yyyy' }}
· {{ parent.portal.name }} Zone