[En-Nut-Discussion] Basic Authentication on HTTP/1.0

Leo Hendrawan leo.hendrawan at gmail.com
Fri Jun 10 03:36:32 CEST 2005


Hello guys,

i am working on an embedded web server project. I am not using
ethernut exactly, instead i am using my own board (ATMEGA16 based) and
AVR uIP 0.9.
The project itself requires authentication method. I decide to use
Basic Authentication method, but I have some problems.

The basic authentication for HTTP/1.0 scheme is -as you all know- is
very simple.
The client (i.e.) first web browser first send common query message
(which may look lakie this):
   GET /  HTTP/1.0
   .......
   (newline)
Then my board challanges the client by sending this response message:
   HTTP/1.0 401 Authorization Required
   Server name: Embedded Web Server
   WWW-Authenticate: Basic realm="Password"
   (newline)
This message will cause the web browser client program prompt a window
for the user entering user name and password.

As i read in the internet sources, then after the user submits the
username & password, the web browser should send a second request with
"username:password" entered (encoded by base64 method). Maybe it
should be look like this:
   GET / HTTP/1.0
   Authorization: Basic (username:password encoded with base64 method)
   ......
   (newline)
But what happened is (as i check it using ethereal) the web browser
didn't send anything.

Does anyone knows what happened? By the way, i am using IE 6.0 as the
web browser client program.

Regards, 

Leo



More information about the En-Nut-Discussion mailing list