Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

Username and password are included in the HTTP headers in plaintext, which means they are not encrypted or protected in any other way. For this reason, services using this type of user authentication will also typically run behind HTTPS, which will encrypt the traffic between the service and the client (Taverna) and protect your username and password while in transit over the Internet.

...

Sending passwords like this inside SOAP messages over HTTP is not very secure (even if passwords are digests and not plaintext). For this reason, services typically also use HTTPS to protect the confidentiality of SOAP messages while in transit. This makes it (almost) impossible for eavesdroppers to see what is inside the SOAP messages.

...