This is a trace of a request for a page using the Basic Authentication mechanism.
A Wikipedia article
gives a more detailed explanation. Basically, it is a username and password
authentication scheme based on HTTP/1.0 standards. A page rejected with code 401,
Authorization Required, returns also the WWW-Authenticated header. The browser will
request the page again, this time sending the username and password, base64 encoded,
in the Authorization header of the next request.
Once a browser has determined that credentials are needed for a certain URL,
future requests for that page will include those credentials with the initial request.
The browser will also assume that the same credentials are required for all pages
descending from that path and will include the credentials with the initial request
for those resources as well.
http://www.cs.miami.edu/~burt/reference/crypto/
GET /~burt/reference/crypto/ HTTP/1.1
Host: www.cs.miami.edu
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.0.12) Gecko/20070508 Firefox/1.5.0.12
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://www.cs.miami.edu/~burt/reference/
HTTP/1.x 401 Authorization Required
Date: Fri, 01 Jun 2007 19:19:16 GMT
Server: Apache/1.3.29 (Unix) PHP/4.3.10
WWW-Authenticate: Basic realm="RC4,MD5,etc"
Keep-Alive: timeout=15, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1
----------------------------------------------------------
http://www.cs.miami.edu/~burt/reference/crypto/
GET /~burt/reference/crypto/ HTTP/1.1
Host: www.cs.miami.edu
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.0.12) Gecko/20070508 Firefox/1.5.0.12
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://www.cs.miami.edu/~burt/reference/
Authorization: Basic eWVzaXRpczpiYXNlNjQ=
HTTP/1.x 200 OK
Date: Fri, 01 Jun 2007 19:19:29 GMT
Server: Apache/1.3.29 (Unix) PHP/4.3.10
Keep-Alive: timeout=15, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
Digest access authentication is a challenge response authentication meant to improve and
replace the basic scheme. It is a standard protocol proposed as an extension to the HTTP protocol
specifications.
See Digest access authentication.