afs commented on a change in pull request #666: JENA-1811: Dispatch on
Content-Type. Accumulated code and comment cleanup.
URL: https://github.com/apache/jena/pull/666#discussion_r364143738
##########
File path:
jena-fuseki2/jena-fuseki-core/src/main/java/org/apache/jena/fuseki/auth/Auth.java
##########
@@ -103,4 +104,20 @@ public static boolean allow(String user, AuthPolicy
policy, Runnable notAllowed)
notAllowed.run();
return false;
}
+
+ /**
+ * Calculate the value of the "Authentication" HTTP header for basic auth.
Basic
+ * auth is not secure when used over HTTP (the password can be extracted).
Use
+ * with HTTPS is better.
+ * <p>
+ * Unlike digest auth, basic auth can be setup without an extra round trip
to the
+ * server, making it easier for scripts where teh body is not replayable.
Review comment:
Done
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
