I have a question about HTTPS and HTTP Authentication credentials.
Suppose I secure a URL with HTTP Authentication:
<Directory /var/www/webcallback>
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /var/www/passwd/passwords
Require user gooduser
</Directory>
I then access that URL from a remote system via HTTPS, passing the credentials in the URL:
https://gooduser:[email protected]/webcallback?foo=bar
Will the username and password be automatically SSL encrypted? Is the same true for GETs and POSTs? I'm having a hard time locating a credible source with this information.