|
|
|
|
|
|
by easel
4295 days ago
|
|
|
The advantage is particularly that you don't have to use basic auth. Basic auth in a browser context is more or less a non-starter. The browser's basic auth implementation will take over and provide a generally poor, uncontrollable user experience. For server-to-server authentication, there is less to recommend this, although it does allow services to authenticate without having to check a credential against a data store someplace. |
|
|
I guess you could could kludge it into a form with a method="SRP" and have the browser do it's thing with the username and password field.