HTTP Authentication Schemes in .NET Framework

-> Anonymous
-> Basic
-> Digest
-> NTLM
-> Negotiate
-> Windows Live ID

Anonymous
-> An Anonymous request does not contain any authentication information. This is equivalent to granting everyone access to the resource.

Basic
-> Basic authentication sends a Base64-encoded string that contains a username and password for the client. Base64 is not a form of encryption and should be considered as sending the username and password in clear text.

Digest
-> Digest authentication is a challenge-response scheme that is intended to replace Basic authentication. The server sends a string of random data, called a nonce, to the client as a challenge. The client responds with a hash that includes the user name, password and nonce, among additional information.
-> Digest authentication requires the use of Windows domain accounts. The digest realm is the Windows domain name.
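
The difference between Basic and Digest on the wire, as an added C# example that is not part of the original post: it decodes a Basic credential back to user:password and computes the Digest response hash as defined in RFC 2617 (qop=auth). The class and method names are illustrative, and the inputs are the sample values published in RFC 2617, not Windows domain accounts.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class AuthSchemeDemo
{
    // Lowercase hex MD5 of a string, the hash form RFC 2617 Digest uses.
    static string Md5Hex(string s)
    {
        using (var md5 = MD5.Create())
        {
            byte[] hash = md5.ComputeHash(Encoding.UTF8.GetBytes(s));
            return BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
        }
    }

    // Basic: everything after "Basic " is Base64("user:password"); no key is needed to reverse it.
    public static string DecodeBasic(string headerValue)
    {
        const string prefix = "Basic ";
        if (!headerValue.StartsWith(prefix, StringComparison.OrdinalIgnoreCase))
            throw new FormatException("Not a Basic credential");
        byte[] raw = Convert.FromBase64String(headerValue.Substring(prefix.Length).Trim());
        return Encoding.UTF8.GetString(raw);
    }

    // Digest (qop=auth): the password only enters HA1; the client sends the final hash, never the password.
    public static string DigestResponse(string user, string realm, string password,
        string method, string uri, string nonce, string nc, string cnonce)
    {
        string ha1 = Md5Hex(user + ":" + realm + ":" + password);
        string ha2 = Md5Hex(method + ":" + uri);
        return Md5Hex(ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":auth:" + ha2);
    }

    static void Main()
    {
        // Sample Basic credential from RFC 2617, section 2.
        Console.WriteLine(DecodeBasic("Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="));

        // Sample Digest exchange from RFC 2617, section 3.5.
        Console.WriteLine(DigestResponse("Mufasa", "testrealm@host.com", "Circle Of Life",
            "GET", "/dir/index.html", "dcd98b7102dd2af0e8b11d0f600bfb0c", "00000001", "0a4f113b"));
    }
}
```

Anyone who captures the Basic header recovers the password directly, so Basic is only acceptable over TLS. The Digest response changes with every server nonce, which is what makes a captured response useless for a later challenge.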

NTLM
-> NTLM is a challenge-response scheme that is a more secure variation of Digest authentication. NTLM uses Windows credentials to transform the challenge data instead of the unencoded username and password.
-> NTLM requires multiple exchanges between the client and server.

Negotiate
-> Negotiate authentication automatically selects between the Kerberos protocol and NTLM authentication, depending on availability. The Kerberos protocol is used if it’s available; otherwise NTLM is tried.
