KB00006:Authentication Provider

From PartKeepr Wiki
Jump to: navigation, search

PartKeepr currently supports 2 authentication providers.

Note that WSSE will be faded out in an upcoming version as it gives many problems, and isn't maintained by the upstream developers


HTTP Basic

When to use:

  • If you have legacy users (pre-0.75) and have not yet converted them
  • If you use LDAP
  • If you have trouble using WSSE

HTTP Basic is a less secure authentication method for non-SSL (https) connections, because username and password are base64-encoded, thus easily reversed if someone intercepts your non-secure connection. If you have to use HTTP Basic, please ensure you use SSL (https) for PartKeepr.

WSSE

When to use:

  • If you have no legacy users (pre-0.75)
  • If you don't use LDAP

If you wish to use WSSE, but have legacy users, you need each user to change their password. That way, the legacy user is converted into a new format.

WSSE might give problems with out-of-sync time between the server and clients.

Further reading