Hitachi Vantara Pentaho Community Wiki
Child pages
  • Authentication from Third-Party Applications

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Authentication Method

Advantages

Disadvantages

Basic

  • Can be non-interactive.
  • Client prompt built into browsers.
  • Widely supported.
  • Can be paired with SSL to protect password.
  • Password is encoded but not encrypted.

Digest

  • Can be non-interactive.
  • Client prompt built into browsers.
  • Password is not sent as cleartext.
  • Less widely supported than Basic.

Request Parameter

  • Can be non-interactive.
  • Very easy to use.
  • Relies only on HTTP specification so it is widely supported.
  • Password is sent as cleartext and can be (and probably is) logged by web servers.

Form

  • Relies only on HTTP specification so it is widely supported.
  • Allows cosmetic customization.
  • Can be paired with SSL to protect password.
  • Requires most work by developerscreation of login page.

Of these, only Basic, Digest, and Request Parameter are suggested for use when authenticating from third-party applications. This is because these methods can be used in a non-interactive manner.

...