Search

GlobalSCAPE Knowledge Base


Disallow (Shut Off) Basic Authentication for HTTPS

4 Months Ago
Karla Marsh
EFT

THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT v7.4.11 and later

DISCUSSION

The Web Transfer Client for EFT uses form-based authentication. Basic auth is provided to remain compliant with RFC 7617. As added assurance that best practices are followed, EFT administrators can force use of HTTPS for all connections.

​In EFT v8.0, all registry settings were moved to AdvancedProperties.json. For information about Advanced Properties, refer to the online help for your version of EFT.

You can disallow (shut off) basic authentication for HTTPS using the registry setting below.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\GlobalSCAPE Inc.\EFT Server 7.4\

Type: BOOL

Value name: DisableHTTPBasicAuthentication

Values: Default = 0; 1 = disable basic authentication for HTTPS.

Restart Required: Yes

Share Article

On a scale of 1-5, please rate the helpfulness of this article



Not Helpful
Very Helpful
Optionally provide additional feedback to help us improve this article...

Thank you for your feedback!


Comments require login or registration.

Details
Last Modified: 4 Months Ago
Last Modified By: kmarsh
Type: HOTFIX
Rated 4 stars based on 3 votes.
Article has been viewed 27K times.
Options
Print Article
Export As PDF
Also In This Category
Tags
7.4.11
basic auth
DisableHTTPBasicAuthentication
Customer Support Software By InstantKB 2020 Final
Execution: 0.000. 10 queries. Compression Disabled.