When developing Basic Authentication with Windows Vista note the following:
-
Windows Vista will fail to connect to server using insecure Basic authentication. It will not even display any login dialog. Vista requires SSL / HTTPS connection to be used with Basic. However you still can connect using Vista if you set the following registry key on a client machine: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters\BasicAuthLevel to 2. The BasicAuthLevel can be set to the following values:
- 0 - Basic authentication disabled
- 1 - Basic authentication enabled for SSL shares only
- 2 or greater - Basic authentication enabled for SSL shares and for non-SSL shares
-
Web Folders on Windows Vista may attach a machine or domain name to the user name returned in Authorization header. It separates user name and domain with a single ‘\’ symbol: DOMAIN\User.