Question

1
Replies
527
Views
Close popover
Manjunatha Mn (ManjunathaM6763)
ING Vysya Bank Ltd

ING Vysya Bank Ltd
NL
ManjunathaM6763 Member since 2017 6 posts
ING Vysya Bank Ltd
Posted: June 5, 2018
Last activity: June 5, 2018
Closed

Container Managed Authentication - Basic Authorization

Hi Team,

We have implemented container managed authentication in our organization. We got a security test done for our application and found that authorization header has been set to Basic and username and password are base64 encoded. Its very easy to decode the username and password and which is an security threat for the application.

Can you help how to disable basic authorization and what are the secured types we can use.

Solutions Tried:

We can enable form based authentication in web.xml by modifying the below tag

<login-config>
<auth-method>BASIC</auth-method>
<realm-name>PegaRULES</realm-name>
</login-config>

Regards

Manju

Security
Moderation Team has archived post,
Close popover This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.