Thanks the reply.
My plan is first step client calls server by http GET, second step server
response in 401 with WWW-Authentication: PPPK realm="***", nonce="***",
opaque="***", keyid="***", version="***". In the end, client will response back
with Authorization: PPPK realm="***", keyid="***", opaque="***", response="***".
The values of nonce, opaque, keyid and realm are created from server and send
to client for the authentication purpose, and the server will work out client's
authorization by calculating the response value. The values of nonce and opaque
are calculated by server without relation with the definition from RFC2616/2617.
I have read your document from the link which is very helpful. Unfortunately I
am using Restlet1.1, so some methods of Restlet2.0 can not be used. Following
are my part of codes:
public static ChallengeScheme MyScheme = new ChallengeScheme("This is my
scheme", "PPPK");
Engine.getInstance().getRegisteredAuthentications().add(new MyAuthHelp());
public class MyAuthHelp extends AuthenticationHelper{
public MyAuthHelp(){
super(MyScheme, false, true);
}
}
But there is no formatRawRequest() and formatRawResponse() methods in
AuthenticationHelper class.
So could you please help me to work out(please note I am using v1.1, not v2.0),
and how can I put nonce, opaque and keyid in WWW-Authentication, and put
response, nonce, opaque and keyid in Authorization?
Thanks a lot,
Nicho
------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2625142
