Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
25 lines (17 sloc) 905 Bytes

Who's Who

Out of the box HTTP provides you with basic authentication, a simple way to specify a name and password for a request. These credentials are transferred as an unencrypted request header, so applications should secure both credentials and message bodies by requiring HTTPS for any protected resources.

Below, we define a kit that extracts a username and password via basic HTTP authentication and verifies those credentials before letting anyone through the gate. It presumes a Users service that would validate the user's credentials.

@@snip { #example1 }

By applying this kit we can layer basic authentication around any intent in a client application.

@@snip { #example2 }

Also, don't give the password to any newspaper reporters.