O'Reilly logo

Mastering GeoServer by Colin Henderson

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Using Digest for user authentication

The default security implementation in GeoServer for REST and OGC services is HTTP Basic. The HTTP Basic authentication has the widest adoption, and any client that is OGC compliant will support it. However, there is a downside to the HTTP Basic authentication; it is not very secure. The credentials for an HTTP Basic authentication are sent to the server as a header key in plain text, without any encryption. The username and password strings are encoded using Base64, which means they are difficult to be interpreted by users, but they are not secure as Base64-encoded strings can be decoded. An HTTP Basic header looks like the following:

Authorization: Basic dXNlcjpwYXNzd29yZA==

The header key is Authorization ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required