I'm writing some browser side dynamic functionality and using HTTP Basic Auth to protect some resources. The user experience is very important and is highly customized.
Here's a simple test JQuery method that eventually will test if a user has supplied the right credentials in a form:
$(document).ready(function() {
$("#submit").click(function() {
var token = Base64.encode($('#username').val() + ':' + $('#password').val());
$.ajax({
url: '/private',
method: 'GET',
async: false,
beforeSend: function(req) {
req.setRequestHeader('Authorization', 'test:password');
},
error: function(request, textStatus, error) {
if (request.status == 401) {
alert('401');
}
}
});
return false;
});
});
If they are not allowed to access /private
, at the moment they should see just the alert box. However, on Firefox, a browser-provided login form pops up (to retry with new credentials). Safari does not do this.
We want to completely control the experience with custom forms, fades, transitions, etc. How can I keep Firefox's default box from being shown? (If this will be an issue when we test for IE, I'd love to hear solutions there, too.)
Since you can't change the browser's default behavior of showing the popup in case of a 401 (basic or digest authentication), there are two ways to fix this: Change the server response to not return a 401 . Return a 200 code instead and handle this in your jQuery client.
We can do HTTP basic authentication URL with @ in password. We have to pass the credentials appended with the URL. The username and password must be added with the format − https://username:password@URL.
Security of basic authentication As the user ID and password are passed over the network as clear text (it is base64 encoded, but base64 is a reversible encoding), the basic authentication scheme is not secure. HTTPS/TLS should be used with basic authentication.
In case you haven't read it:
How can I supress the browser's authentication dialog?
Doesn't look too promising :)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With