Hi Thierry,

Is it not possible to alter the logic of the client connector(s) so that it sends the request again to the server, with the data needed? Perhaps as an optional feature?

best regards
  Stephan

Thierry Boileau wrote:
Hi willyh.

What is missing is a way to preemptively authenticate your request with the Digest scheme (see RFE #288 http://restlet.tigris.org/issues/show_bug.cgi?id=288). As you will see, it's a little bit more difficult than with the Basic authentication. In a few words, the server sends a list of values to the client that the client must use in order to generate a digest value according to an algorithm ("MD5" for example). Thus, it requires you to know in advance (which is mostly not the case) or to discover these values. That is to say, you need to make one request, get the values sent by the server and use them in order to generate a proper ChallengeResponse object for your request.

For example, you want to request "http://localhost:8182/".
At the first attempt, you get back this "WWW-Authenticate" header from the server: Digest realm="realm", domain="null", qop="auth", algorithm=MD5, nonce="MTIxMjY1NDAwNjIzMzo2MWRhMTQ0MTRkOGQyNzkxMWNjNGU0MTM1ZmM4OTlkNw=="

Then, you use the values in order to generate the following "Authorization" header. Digest username="login", realm="realm", nonce="MTIxMjY1NDAwNjIzMzo2MWRhMTQ0MTRkOGQyNzkxMWNjNGU0MTM1ZmM4OTlkNw==", uri="/", algorithm=MD5, response="8888181e0c231df689bcb737460f8368", qop=auth


Feel free to ask any more questions.

best regards,
Thierry Boileau
PS: I am sending you sample code with such a two-phase request. Let's say that your login/password is "login/secret".


       // Restlet 1.x imports
       import org.restlet.Client;
       import org.restlet.data.ChallengeResponse;
       import org.restlet.data.ChallengeScheme;
       import org.restlet.data.Form;
       import org.restlet.data.Method;
       import org.restlet.data.Protocol;
       import org.restlet.data.Reference;
       import org.restlet.data.Request;
       import org.restlet.data.Response;
       import org.restlet.util.Engine;

       Reference reference = new Reference("http://localhost:8182/");

       // first request
       Client client = new Client(Protocol.HTTP);
       Request request = new Request(Method.GET, reference);
       Response response = client.handle(request);

       // second request
       // Get the values sent by the server
       response.getChallengeRequest().getParameters();
       request = new Request(Method.GET, reference);
       ChallengeResponse challengeResponse = new ChallengeResponse(
               ChallengeScheme.HTTP_DIGEST, "login", "secret");
       // Prepare the ChallengeResponse parameters
       Form form = new Form();
       // Your login
       form.add("username", "login");
       form.add("uri", reference.getPath());

       // Retrieve values sent by the server
       form.add(response.getChallengeRequest().getParameters().getFirst("nonce"));
       form.add(response.getChallengeRequest().getParameters().getFirst("realm"));
       form.add(response.getChallengeRequest().getParameters().getFirst("domain"));
       form.add(response.getChallengeRequest().getParameters().getFirst("algorithm"));
       form.add(response.getChallengeRequest().getParameters().getFirst("qop"));

       // Generate some digest values with your login, password, realm,
       // request method, and URI path.
       String a1 = Engine.getInstance().toMd5(form.getFirstValue("username")
               + ":" + form.getFirstValue("realm") + ":" + "secret");
       String a2 = Engine.getInstance().toMd5(request.getMethod() + ":"
               + form.getFirstValue("uri"));
       // The "response" parameter is the final digest value (its value may
       // differ if the server sends these parameters: "cnonce" and "nc").
       form.add("response", Engine.getInstance().toMd5(a1 + ":"
               + form.getFirstValue("nonce") + ":" + a2));

       challengeResponse.setCredentialComponents(form);
       request.setChallengeResponse(challengeResponse);
       response = client.handle(request);
