http-authentication

I am trying to protect the ~/public_html/dev directory using http auth basic, but to make that secure I want to run it over ssl. The middle section of the below .htaccess file switches to https if the request URI begins with /dev and works. The last section of the file works as well but does not work properly with the https redirect. I basically want to be able to type http://www.example.com/dev/some_sub_dir/ and be redirected to https://www.example.com/dev/some_sub_dir/ and prompted for the http auth username and password. What currently happens is if I go to http://www.example.com/dev/some

I've read through RFC 2617 and can't find there or anywhere else what the delimiter is if multiple schemes are supported. For example, suppose both Basic and Digest are supported. I understand that it may appear this way: HTTP/1.1 401 Unauthorized WWW-Authenticate: Basic WWW-Authenticate: Digest But I've also read that both can be listed as one line, but no one ever shows an example or describes what delimiter to use. I've seen cautions that commas can be used within a single scheme: HTTP/1.1 401 Unauthorized WWW-Authenticate: Digest param1="foo", param2="bar" I've also read that if commas are

Possible Duplicate: Trying to Access Twitter Streaming API with C I am not sure what I am doing wrong in my code but it seems there's a problem on authentication. Every time I execute the code there is no output. My goal here is I wanted to receive a stream of Tweets from Twitter API. The problem might be something else. But I am not sure. Please help. This is the C code: #include <stdio.h> #include <stdlib.h> #include <string.h> #include <curl/curl.h> struct string { char *ptr; size_t len; }; void init_string(struct string *s) { s->len = 0; s->ptr = malloc(s->len+1); if (s->ptr == NULL) {

How can i show an image from a server with standard http protection without showing the authentication window? I now use standard html <img src="..."> but because the image is protected this asks for an authentication window. I do have the login data, how can i show the image? Regards, Tom. This should work. Simply replace the username and password with your authentication details. (Warning: Doesn't work in all browsers) <img src="http://username:password@server/Path" /> I would recommend putting this in a separate file on your server. That way you can reference it without exposing the

I have a Spring MVC REST service, with Spring Security (3.2.5.RELEASE) enabled. When I turn on @EnableWebMvcSecurity, a login form is automatically generated for me at http://localhost:8080/login . If I use this form to login, everything works just fine. The problem occurs when I attempt to login by sending a POST request directly. In my post request, I provide the username and password. I also include the http header 'X-CSRF-TOKEN' and for the header value, I use the JSESSIONID that I see has been generated in a cookie. But when I send this POST request, I get back the following result: HTTP