Heya Seb,

Same here, we've mostly done basic authentication with UK projects. A few
gov't projects have elected to go with an APIKEY param instead, just to make
users of the service have to register, but keep the interface as simple as


On Mon, Apr 11, 2011 at 2:44 PM, Sebastian Hammer <[log in to unmask]>wrote:

> Guys,
> We are setting up a SRU target that is intended to allow for
> username/password authentication. When we have done this between
> instances of our own software, we have used HTTP Basic Authentication
> (see
> However, it is not clear to me what current practices are in this area,
> and I'd like to set up a server that supports as many existing client
> applications as possible.
> Does anyone have a sense of what's most commonly supported by commercial
> or OSS SRU clients today?
> Thanks,
> --Sebastian