basic-authentication

I have an app that uses both Basic Auth and OAuth2. Some URLs are authorized using Basic Auth and "/api/**" is authorized using OAuth2. Currently, I have two Java config files ( WebSecurityConfigurerAdapter and ResourceServerConfigurerAdapter ) Each of the config files define a public void configure(HttpSecurity http) method. The trouble I'm having is that I need an elegant way to tell my app whether to use basic auth or oauth2 given the url request. Currently I'm using requestMatchers to make this happen: @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

I am building an iPhone app using jQuery Mobile, jQuery 1.7.2, and PhoneGap trying to get a JSONP from ASP.NET RESTful web service using this code, problem that I need to authenticate first and get a token, then send it back again. here is my function: var setToken = function () { var serverToken = ''; $.support.cors = true; jQuery('body').ajaxSend(function (evt, xhr) { xhr.setRequestHeader("Authorization", "Basic " + $.base64.encode(username + ":" + password)); xhr.setRequestHeader('X-Accept', 'application/json'); }); $.getJSON(url + "?jsoncallback=?", null, function (res) { console.log(res);

I am trying to access Adyen test API that requires basic authentication credentials. https://docs.adyen.com/developers/ecommerce-integration My credentials work when accessing the API page through browser. But I get an 401 Unauthorized response when trying to access the API with XMLHttpRequest POST request. Javascript Code var url = "https://pal-test.adyen.com/pal/servlet/Payment/v25/authorise"; var username = "ws@Company.CompanyName"; var password = "J}5fJ6+?e6&lh/Zb0>r5y2W5t"; var base64Credentials = btoa(username+":"+password); var xhttp = new XMLHttpRequest(); xhttp.open("POST", url, true)

Is there a solution to logout a user (make a browser clear its cached credentials and ask user to login credential once again) for basic HTTP authentication? I've already looked through the following questions: logout with basic authentication without closing webbrowser like banking sites will display HTTP authentication logout via PHP Yes, but it's not very smooth. You have a special script URL (eg /logout ; like a login script it must be in the root of the webapp to ensure the auth gets set to the right path), which, instead of requiring a valid username/password to proceed, requires an

From JavaScript I used: xhr.setRequestHeader("Authorization", make_base_auth(username,password)); However the HTTP request doesn't have an Authorization header: OPTIONS /restService/index?_=1362589672203 HTTP/1.1 Host: myappinheroku.herokuapp.com User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: es-MX,es-ES;q=0.8,es-AR;q=0.7,es;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate Origin: http://127.0.0.1:8081 Access-Control-Request-Method: GET Access-Control-Request-Headers