Restlet Code

How to implement Digest Authentication

4 messages Options
Embed this post
Permalink
Thomas Cozien

How to implement Digest Authentication

Reply Threaded More More options
Print post
Permalink
Hi,

I would like to implement Digest Authentication,
I started to use HttpDigestAuthenticator with SecretDigestVerifier in ChallengeGuard.
But I would like to learn more about SecretDigestVerifier.

Can you explain me?

Best reagrads,
Tom

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=2353462
jlouvel

RE: How to implement Digest Authentication

Reply Threaded More More options
Print post
Permalink
Hi Tom,

Thanks for your email. That made me realize that the SecretDigestVerifier
wasn't complete nor working properly. I've fixed it and added a test case
(attached).

Best regards,
Jerome Louvel
--
Restlet ~ Founder and Lead developer ~ http://www.restlet.org
Noelios Technologies ~ Co-founder ~ http://www.noelios.com


-----Message d'origine-----
De : Thomas Cozien [mailto:[hidden email]]
Envoyé : lundi 25 mai 2009 14:50
À : [hidden email]
Objet : How to implement Digest Authentication

Hi,

I would like to implement Digest Authentication,
I started to use HttpDigestAuthenticator with SecretDigestVerifier in
ChallengeGuard.
But I would like to learn more about SecretDigestVerifier.

Can you explain me?

Best reagrads,
Tom

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=23534
62

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=2357570

SecretDigestVerifierTestCase.java (2K) Download Attachment
webpost

RE: How to implement Digest Authentication

Reply Threaded More More options
Print post
Permalink
Hi jérome,

Thanks for your answer with the attachment.

This allows me to understand the link between MapVerifier and SecretDigestVerifier classes.

However I've some issues with the tests "test2" and "test3" :

public void test2() {
  MapVerifier mv = new MapVerifier();
  mv.getSecrets().put("scott",
        "RuPXcqGIjq3/JsetpH/XUC15bgc=".toCharArray());

  SecretDigestVerifier sdv = new SecretDigestVerifier(
                Digest.ALGORITHM_SHA_1, Digest.ALGORITHM_SHA_1, mv);

        assertTrue(sdv.verify("scott", "RuPXcqGIjq3/JsetpH/XUC15bgc="
                .toCharArray()));
    }

    public void test3() {
        MapVerifier mv = new MapVerifier();
        mv.getSecrets().put("scott",
                "RuPXcqGIjq3/JsetpH/XUC15bgc=".toCharArray());

        SecretDigestVerifier sdv = new SecretDigestVerifier(null,
                Digest.ALGORITHM_SHA_1, mv);

        assertTrue(sdv.verify("scott", "tiger".toCharArray()));
    }

Indeed with "test2", when I change the name "scott" by "tom" in the condition of the assertTrue, the test is successfull.

May you help me to understand on this point?

Best regards
Tom

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=2376251
jlouvel

RE: How to implement Digest Authentication

Reply Threaded More More options
Print post
Permalink
Thomas,

I've just updated test2 with the suggested tests and they all pass in Restlet 2.0 M4. I suggest that you try again and let me know if you can get further.

Best regards,
Jerome Louvel
--
Restlet ~ Founder and Lead developer ~ http://www.restlet.org
Noelios Technologies ~ Co-founder ~ http://www.noelios.com



-----Message d'origine-----
De : [hidden email] [mailto:[hidden email]]
Envoyé : mardi 28 juillet 2009 12:10
À : [hidden email]; Jerome Louvel
Objet : RE: How to implement Digest Authentication

Hi jérome,

Thanks for your answer with the attachment.

This allows me to understand the link between MapVerifier and SecretDigestVerifier classes.

However I've some issues with the tests "test2" and "test3" :

public void test2() {
  MapVerifier mv = new MapVerifier();
  mv.getSecrets().put("scott",
        "RuPXcqGIjq3/JsetpH/XUC15bgc=".toCharArray());

  SecretDigestVerifier sdv = new SecretDigestVerifier(
                Digest.ALGORITHM_SHA_1, Digest.ALGORITHM_SHA_1, mv);

        assertTrue(sdv.verify("scott", "RuPXcqGIjq3/JsetpH/XUC15bgc="
                .toCharArray()));
    }

    public void test3() {
        MapVerifier mv = new MapVerifier();
        mv.getSecrets().put("scott",
                "RuPXcqGIjq3/JsetpH/XUC15bgc=".toCharArray());

        SecretDigestVerifier sdv = new SecretDigestVerifier(null,
                Digest.ALGORITHM_SHA_1, mv);

        assertTrue(sdv.verify("scott", "tiger".toCharArray()));
    }

Indeed with "test2", when I change the name "scott" by "tom" in the condition of the assertTrue, the test is successfull.

May you help me to understand on this point?

Best regards
Tom

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=2376251

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=7458&dsMessageId=2385995
Free Embeddable Forum Powered by Nabble Help