Parameter | Details |
---|---|
Response status | 401 if the origin server requires authentication, 407 if an intermediate proxy requires authentication |
Response headers | WWW-Authenticate by the origin server, Proxy-Authenticate by an intermediate proxy |
Request headers | Authorization for authorization against an origin server, Proxy-Authorization against an intermediate proxy |
Authentication scheme | Basic for Basic Authentication, but others such as Digest and SPNEGO can be used. See the HTTP Authentication Schemes Registry. |
Realm | A name of the protected space on the server; a server can have multiple such spaces, each with a distinct name and authentication mechanisms. |
Credentials | For Basic: username and password separated by a colon, base64-encoded; for example, `username:password` base64-encoded is `dXNlcm5hbWU6cGFzc3dvcmQ=` |

Basic Authentication is defined in RFC 2617. It can be used to authenticate against the origin server after receiving a 401 (Unauthorized) response, as well as against a proxy server after a 407 (Proxy Authentication Required) response. In the (decoded) credentials, the password starts after the first colon. Therefore the username cannot contain a colon, but the password can.
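
The first-colon rule and the 401/407 challenge described above, as an added example that is not part of the original page. The function names (`build_basic`, `parse_basic`, `check`, `challenge`) and the sample credentials are assumptions made for illustration.

```python
import base64
import hmac

def build_basic(username, password):
    """Build the value of an Authorization / Proxy-Authorization header."""
    if ":" in username:
        raise ValueError("username must not contain a colon")
    token = base64.b64encode(f"{username}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")

def parse_basic(header_value):
    """Return (username, password), or None if the value is not valid Basic."""
    scheme, _, token = header_value.strip().partition(" ")
    if scheme.lower() != "basic" or not token.strip():
        return None
    try:
        # base64 is an encoding, not encryption: anyone who sees the header can decode it.
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except ValueError:  # covers bad base64 and bad UTF-8
        return None
    username, sep, password = decoded.partition(":")  # split on the FIRST colon only
    if not sep:
        return None
    return username, password

def check(header_value, expected_user, expected_password):
    """Compare presented credentials to the expected ones in constant time."""
    creds = parse_basic(header_value)
    if creds is None:
        return False
    user_ok = hmac.compare_digest(creds[0].encode(), expected_user.encode())
    pass_ok = hmac.compare_digest(creds[1].encode(), expected_password.encode())
    return user_ok and pass_ok

def challenge(realm, proxy=False):
    """Status and header to send when check() fails: 401 for origin, 407 for proxy."""
    if '"' in realm:
        raise ValueError("realm must not contain a double quote")
    name = "Proxy-Authenticate" if proxy else "WWW-Authenticate"
    return (407 if proxy else 401), name, f'Basic realm="{realm}"'
```
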