> As far as I know, BASIC authentication is secure enough when it goes
> over SSL. It is even better than DIGEST over plain HTTP because SSL
> protects not only the password, but the content as well.
>
Yes, good point.
But in my case, protecting the data from reading is not really critical, as
it is not confidential.
All I need is strong control over the authentication for administrative
tasks.
So DIGEST perfectly fits my needs.
Moreover, I need to transfer very large amount of data. So SSL would be kind
of a big aoverhead for that.
I agree that people should be aware that digest authentication is nothing
about encrypting the data.
--
View this message in context: http://jersey.576304.n2.nabble.com/DIGEST-Authentication-with-Jersey-client-tp5132921p5153378.html
Sent from the Jersey mailing list archive at Nabble.com.