You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jena.apache.org by bu...@apache.org on 2013/07/15 18:51:10 UTC
svn commit: r869589 - in /websites/staging/jena/trunk/content: ./ documentation/query/http-auth.html

Author: buildbot
Date: Mon Jul 15 16:51:09 2013
New Revision: 869589

Log:
Staging update by buildbot for jena

Modified:
    websites/staging/jena/trunk/content/   (props changed)
    websites/staging/jena/trunk/content/documentation/query/http-auth.html

Propchange: websites/staging/jena/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Mon Jul 15 16:51:09 2013
@@ -1 +1 @@
-1499458
+1503334

Modified: websites/staging/jena/trunk/content/documentation/query/http-auth.html
==============================================================================
--- websites/staging/jena/trunk/content/documentation/query/http-auth.html (original)
+++ websites/staging/jena/trunk/content/documentation/query/http-auth.html Mon Jul 15 16:51:09 2013
@@ -180,8 +180,12 @@ mechanisms provided for the <code>SERVIC
 <p>The <a href="http://jena.apache.org/documentation/javadoc/arq/org/apache/jena/atlas/web/auth/FormsAuthenticator.html">forms authenticator</a> is an authenticator usable with services that require form based logins and use cookies to verify login state.  This is intended for use with
 services that don't support HTTP's built-in authentication mechanisms for whatever reason.  One example of this are servers secured using Apache HTTP Server <a href="https://httpd.apache.org/docs/2.4/mod/mod_auth_form.html">mod_auth_form</a>.</p>
 <h4 id="preemptivebasicauthenticator">PreemptiveBasicAuthenticator</h4>
-<p>This <a href="http://jena.apache.org/documentation/javadoc/arq/org/apache/jena/atlas/web/auth/PreemptiveBasicAuthenticator.html">authenticator</a> is a decorator over another authenticator that enables preemptive basic authentication.  This is not enabled by default because it reduces security as it can
- result in sending credentials to servers that don't actually require them.</p>
+<p>This <a href="http://jena.apache.org/documentation/javadoc/arq/org/apache/jena/atlas/web/auth/PreemptiveBasicAuthenticator.html">authenticator</a> is a decorator over another authenticator that enables preemptive basic authentication.</p>
+<p>This is not enabled by default for two reasons:</p>
+<ol>
+<li>It reduces security as it can result in sending credentials to servers that don't actually require them.</li>
+<li>It only works for basic authentication and not for other HTTP authentication mechanisms e.g. digest authentication</li>
+</ol>
 <h4 id="delegatingauthenticator">DelegatingAuthenticator</h4>
 <p>The <a href="http://jena.apache.org/documentation/javadoc/arq/org/apache/jena/atlas/web/auth/DelegatingAuthenticator.html">delegating authenticator</a> allows for mapping different authenticators to different services, this is useful when you need to mix and match the types of authentication needed.</p>
 <h2 id="applying-authentication">Applying Authentication</h2>