(Release 5 and later) To enable password protected access, select View > Setup Client Server from the program main menu, then enter the password in the password field.

The authentication method is HTTP basic authentication scheme.

HTTP Basic Authentication Scheme

The "basic" authentication scheme is based on the model that the user agent must authenticate itself with a user-ID and a password. The server will authorize the request only if it can validate the user-ID and password for the protection space of the Request-URI.

Upon receipt of an unauthorized request for a URI within the protection space, the server should respond with a challenge like the following:

       WWW-Authenticate: Basic realm="PasswordProtectedData"

where "PasswordProtectedData" is the string assigned by AutoReminder to identify the protection space.

To receive authorization, the client sends the user-ID and password, separated by a single colon (":") character, within a base64 encoded string in the credentials.

       basic-credentials = "Basic" SP basic-cookie

       basic-cookie      = <base64 encoding of userid-password>

       userid-password   = [ token ] ":" *TEXT

If the user agent wishes to send the user-ID "Aladdin" and password "open sesame", it would use the following header field:

       Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

The basic authentication scheme is a non-secure method of filtering unauthorized access to resources on an HTTP server. It is based on the assumption that the connection between the client and the server can be regarded as a trusted carrier. As this is not generally true on an open network, the basic authentication scheme should be used accordingly. In spite of this, clients should implement the scheme in order to communicate with servers that use it.

Browser Access Password Protected AutoReminder

When accessing from a browser, the basic authentication scheme is handled by the browser. When AutoReminder is first accessed, AutoReminder sends the challenge, and a window will popup for a user to enter User ID and password. For AutoReminder, you can choose any user ID.

Program Access Password Protected AutoReminder

If you are using MFC/C++, you need to set the user ID and password when creating the HttpConnection object:

    CInternetSession sess;
    ... sess.GetHttpConnection(host, port, userId, password);

If you are using a script, you need to send the following string with the rest of HTTP headers.

    Authorization: Basic <base64 encoding of userid:password>

For example, in PHP, you can use:

    $userId = "Aladin";
    $password = "open sesame";
    $basic_cookie = base64_encode($userId . ":" . $password);
    $headers = $headers . "Authorization : Basic " . $basic_cookie . "\r\n";