What are the security issues using authentication from another site (basic auth)?

Question

What are the security issues using authentication from another site (basic auth)?

I have a WSS installation that supports Basic Authentication / SSL (it is hosted on a public website). I am creating a sister site in ASP.NET and am considering starting credentials and allowing users to log in to the new system, provided there is no 401 Not Authorized error.

Both are web-based applications that will be used by approximately 20-50 people.

What am I missing? I've never heard of this before, but I don't understand why it won't work.

0

security login basic-authentication

paulwhit 20 nov. '08 at 6:37

source to share

1 answer

Jon Wood · Accepted Answer · 2008-11-21T16:05:12+0000

I don't see any major issues with this - you obviously want to make sure both servers are using SSL if you need to send this over the internet, but other than that, it sounds like an elegant way to share credentials between applications.

What are the security issues using authentication from another site (basic auth)?

More articles: