Restlet Code

Digest Authentication

5 messages Options
Embed this post
Permalink
webpost

Digest Authentication

Reply Threaded More More options
Print post
Permalink
Hi,

I would like to implement Digest authentication with Restlet. I've just started something like this :
 - new ChallengeGard with HTTP_Digest ChallengeScheme

I saw the "SecretDigestVerifier" class but I don't know how to use it.

Can you explain me?

Best regards
Tom

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=2353454
jlouvel

RE: Digest Authentication

Reply Threaded More More options
Print post
Permalink
Hi Tom,

The SecretDigestVerifier is now fully working in SVN trunk. However, the
support for HTTP DIGEST on the new HttpDigestAuthenticator isn't complete
yet. There is a RFE pending:

"Improve HTTP Digest support"
http://restlet.tigris.org/issues/show_bug.cgi?id=567

Meanwhile, you can still use the old Guard class which supports HTTP DIGEST.

Best regards,
Jerome Louvel
--
Restlet ~ Founder and Lead developer ~ http://www.restlet.org
Noelios Technologies ~ Co-founder ~ http://www.noelios.com


-----Message d'origine-----
De : [hidden email] [mailto:[hidden email]]
Envoyé : lundi 25 mai 2009 13:28
À : [hidden email]
Objet : Digest Authentication

Hi,

I would like to implement Digest authentication with Restlet. I've just
started something like this :
 - new ChallengeGard with HTTP_Digest ChallengeScheme

I saw the "SecretDigestVerifier" class but I don't know how to use it.

Can you explain me?

Best regards
Tom

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=23534
54

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=2359009
jlouvel

RE: Digest Authentication

Reply Threaded More More options
Print post
Permalink
FYI, the SecretDigestVerifier class has been renamed into DigestVerifier. The UniformGuard and ChallengeGuard classes have also been removed. It is often simpler/better to use Authenticator and Authorizer subclasses directly as filters.

Best regards,
Jerome Louvel
--
Restlet ~ Founder and Lead developer ~ http://www.restlet.org
Noelios Technologies ~ Co-founder ~ http://www.noelios.com


-----Message d'origine-----
De : Jerome Louvel [mailto:[hidden email]]
Envoyé : mercredi 3 juin 2009 09:30
À : [hidden email]
Objet : RE: Digest Authentication

Hi Tom,

The SecretDigestVerifier is now fully working in SVN trunk. However, the
support for HTTP DIGEST on the new HttpDigestAuthenticator isn't complete
yet. There is a RFE pending:

"Improve HTTP Digest support"
http://restlet.tigris.org/issues/show_bug.cgi?id=567

Meanwhile, you can still use the old Guard class which supports HTTP DIGEST.

Best regards,
Jerome Louvel
--
Restlet ~ Founder and Lead developer ~ http://www.restlet.org
Noelios Technologies ~ Co-founder ~ http://www.noelios.com


-----Message d'origine-----
De : [hidden email] [mailto:[hidden email]]
Envoyé : lundi 25 mai 2009 13:28
À : [hidden email]
Objet : Digest Authentication

Hi,

I would like to implement Digest authentication with Restlet. I've just
started something like this :
 - new ChallengeGard with HTTP_Digest ChallengeScheme

I saw the "SecretDigestVerifier" class but I don't know how to use it.

Can you explain me?

Best regards
Tom

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=23534
54

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=2359009

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=2360441
Thomas Cozien

RE: Digest Authentication

Reply Threaded More More options
Print post
Permalink
Hi,

Wich implementations should I use for developping Digest authentication?

May I have wait for the last implementation using "DigestVerifier"?

I don't know how and where to start? Have you got any examples?

Last point,
the method "verify(String, char[])" from the class "DigestVerifier" (beforehand "SecretDigestVerifier") returns always true.

Here are my sample :

  MapVerifier mv = new MapVerifier();      
   mv.getSecrets().put("scott","pwd".toCharArray());      mv.getSecrets().put("tom","pwd".toCharArray());
       
  SecretDigestVerifier sdv = new SecretDigestVerifier(Digest.ALGORITHM_SHA_256,Digest.ALGORITHM_SHA_256, mv);

        assertTrue(sdv.verify("temp","temp".toCharArray()));
assertTrue(sdv.verify("tom","".toCharArray()));
assertTrue(sdv.verify("tom","pwd".toCharArray()));

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=2376285
jlouvel

RE: Digest Authentication

Reply Threaded More More options
Print post
Permalink
Hi Thomas,

Could you try again with Restlet 2.0 M4? Note that you should now use
DigestVerifier instead of SecretDigestVerifier.

Regarding the support of HTTP DIGEST in Restlet 2.0, I haven't got time to
look at it closely. It might work though. I suggest that you track this
issue for now, which is scheduled for 2.0 M5:

"Improve HTTP Digest support"
http://restlet.tigris.org/issues/show_bug.cgi?id=567

Best regards,
Jerome Louvel
--
Restlet ~ Founder and Lead developer ~ http://www.restlet.org
Noelios Technologies ~ Co-founder ~ http://www.noelios.com


-----Message d'origine-----
De : Thomas Cozien [mailto:[hidden email]]
Envoyé : mardi 28 juillet 2009 15:42
À : [hidden email]; Jerome Louvel
Cc : [hidden email]
Objet : RE: Digest Authentication

Hi,

Wich implementations should I use for developping Digest authentication?

May I have wait for the last implementation using "DigestVerifier"?

I don't know how and where to start? Have you got any examples?

Last point,
the method "verify(String, char[])" from the class "DigestVerifier"
(beforehand "SecretDigestVerifier") returns always true.

Here are my sample :

  MapVerifier mv = new MapVerifier();      
   mv.getSecrets().put("scott","pwd".toCharArray());
mv.getSecrets().put("tom","pwd".toCharArray());
       
  SecretDigestVerifier sdv = new
SecretDigestVerifier(Digest.ALGORITHM_SHA_256,Digest.ALGORITHM_SHA_256, mv);

        assertTrue(sdv.verify("temp","temp".toCharArray()));
assertTrue(sdv.verify("tom","".toCharArray()));
assertTrue(sdv.verify("tom","pwd".toCharArray()));

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=23762
85

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=2385994
Free Embeddable Forum Powered by Nabble Help