Re: Web Service CGI authentication
- --- In firstname.lastname@example.org, "kvclarkusa" <kvclarkusa@y...>
> I am writing a web service client that is a CGI (and is hosted on aHow about using basic authentication that the web server has built in.
> shared unix web server) and the web service server requires a
> username and password for authentication.
> I do not want to put the username and password inside the actual cgi
> for security reasons, i.e. something like this is what I want to
> $username = "aaaa";
> $password = "123456";
> $result = ConnectToWebservice ($username,$password);
> What are the best practices from a security perspective to deal with
> this, i.e. do I store the username, password in another file, and if
> yes how would I set this up/reference it so it is secure, is there
> another way to handle, etc?
> Thank you,
Here is some information about basic authentication in Apache: