Back to HTTPServer Main Index
The ST/X-HTTPServer provides the following authorization methods:
See rfc 2617 for details.
Check the boxes for the authentication methods you want to allow.
Most of the web browsers support both BASIC and DIGEST authentication methods,
and when given a choice, should choose the more secure DIGEST scheme.
Please uncheck BASIC, if you want to ensure that the BASIC authentication method is not used.
It is highly unsecure, as passwords are transmitted unencrypted over the internet.
(i.e. man in the middle can listen and catch you password.)
Therefore, it is recommended, that this is disabled if any of your services is
security relevant
Actually, this should probably be an attribute of the service and/or
the realm, and may be changed in future versions.
The realm defines the protection space (i.e. access group).
You can have multiple users in a realm.
To add users to the selected realm (access group).
If a service was registered with a realm, only authorized users are allowed to
access that service.
If no realm was specified, ANY user can (without authentication) access the service.
There is one exception to this:
The MaintenanceService, without realm will ONLY allow access from the local host.
I.e. it always requires a realm for remote access.
If you want to allow remote access to the MaintenanceService,
select a realm and do not forget to add a user to this realm.
Read the
"standalone application documentation" on how to setup authentication
for the standalone webserver.
Copyright © 2003 eXept Software AG, all rights reserved
Doc $Revision: 1.4 $ $Date: 1997/08/07 15:06:09 $