Hi Everyone,
I've a requirement to perform digest auth on a simple rest service I'm
playing with (BTW nice work on Zend_Rest). Problem is that the user
information is stored in a mysql db.
So I've implemented my own resolver to fetch data from a database rather
than a htdigest file. However, digest auth only appears to work if I put the
unencrypted password in the database. I cannot store an md5 of
user:realm:password as the pass (Unless the end user can remember that hash)
and return that hash as i think Zend_Auth_Adapter_Digest maybe doing what I
am doing in my resolver too.
public function resolve($username, $realm) {
try {
$User = My_User_Class::getInstance($username);
// This works but password is unencrypted in db
$password = md5($username . ':' . $realm . ':' .
$User->getInsecurePass());
// What I'd like is just to return which is an md5 of the username,
realm and pass
// $password = $User->getSecuredPass();
return $password
}
catch (Exception $e) {
// Log some stuff
return false;
}
}
Where in this have I gone astray and I presume I'm gonna have
to implement my own stuff elsewhere, so if anyone has advice to aid me on my
way, would be much appreciated.
TIA
AJ
