In this paper we analyze and compare the most widely used authentication approaches: HTTP Basic Authentication, HTTP Digest Authentication, OAuth 1.0a and OAuth 2.0 frameworks. We present practical examples of authentication implementations under Man in The Middle attack scenarios and evaluate the security aspects of each approach.

Tags:

• Web security
• Authentication
• Authorization
• Man in The Middle attack
• Cryptography
• SSL/TLS