RE: Authentication Header

2008-03-05 Thread Jerome Louvel 

Hi Jahid,

If you want to work with a custom challenge scheme, you have two sides to
cover. 

The first one defines how to actually use the scheme. It essentially means
setting up a Guard like this:

   myGuard = new Guard(context, new ChallengeScheme("ABC", "myRealm");

If your scheme has non common parameters, beside "identifier/secret" for
example, you might need a Guard subclass.

Now you need the engine to support your scheme, by formatting and parsing
the HTTP headers ("WWW-Authenticate" and "Authorization"). For this you need
to provide an AuthenticationHelper subclass as indicated by Rhett. 

You can either make the engine auto-register it by adding a file
"META-INF/services/com.noelios.restlet.AuthenticationHelper" with the
qualified class name in it, either manually register it as Rhett pointed to.

If you are up to this task, I recommend that you have a look at existing
schemes to see how it is actually used: see the
"com.noelios.restlet.authentication" package.

Best regards,
Jerome  

> -Message d'origine-
> De : Rhett Sutphin [mailto:[EMAIL PROTECTED] 
> Envoyé : mardi 4 mars 2008 17:55
> À : discuss@restlet.tigris.org
> Objet : Re: Authentication Header
> 
> Hi,
> 
> On Mar 4, 2008, at 9:59 AM, Jahid wrote:
> 
> > On server side, I am trying to set a header which will look like  
> > this 
> >
> > "ABC realm="", challenge- 
> > container="salkfadfo823w9283oinfskefn2398wenfdsk";
> >
> > Can anyone tell me how can I achieve that? Here I want to mention  
> > that, I
> > dont/can't change the challenge format. So, don't ask me to do  
> > that :), also i
> > want the challenge to go on server side as 
> "WWW-Authenticate" header  
> > with a
> > status code 201.
> 
> 
> I'm not sure (I haven't tried it yet myself), but I think that you  
> create a ChallengeRequest object and set it in the Response.  In 1.1- 
> M2, it seems like one way to do this would be by extending Guard and  
> overriding the challenge method.  If you are using the reference  
> engine implementation (NRE), you could also implement  
> com.noelios.restlet.authentication.AuthenticationHelper and register  
> your implementation using Engine#registerAuthentication.
> 
> N.b.: like I said before, I haven't tried any of this myself yet.  I  
> just happen to be looking into implementing a custom authentication  
> scheme today.
> 
> Rhett
> 
>

Re: Authentication Header

2008-03-04 Thread Rhett Sutphin 

Hi,

On Mar 4, 2008, at 9:59 AM, Jahid wrote:

On server side, I am trying to set a header which will look like  
this 


"ABC realm="", challenge- 
container="salkfadfo823w9283oinfskefn2398wenfdsk";


Can anyone tell me how can I achieve that? Here I want to mention  
that, I
dont/can't change the challenge format. So, don't ask me to do  
that :), also i
want the challenge to go on server side as "WWW-Authenticate" header  
with a

status code 201.



I'm not sure (I haven't tried it yet myself), but I think that you  
create a ChallengeRequest object and set it in the Response.  In 1.1- 
M2, it seems like one way to do this would be by extending Guard and  
overriding the challenge method.  If you are using the reference  
engine implementation (NRE), you could also implement  
com.noelios.restlet.authentication.AuthenticationHelper and register  
your implementation using Engine#registerAuthentication.


N.b.: like I said before, I haven't tried any of this myself yet.  I  
just happen to be looking into implementing a custom authentication  
scheme today.


Rhett

Authentication Header

2008-03-04 Thread Jahid 
Hi,

On server side, I am trying to set a header which will look like this 

"ABC realm="", challenge-container="salkfadfo823w9283oinfskefn2398wenfdsk";

Can anyone tell me how can I achieve that? Here I want to mention that, I
dont/can't change the challenge format. So, don't ask me to do that :), also i
want the challenge to go on server side as "WWW-Authenticate" header with a
status code 201.

Thanks in advance.

Regards,
Jahid