Hi Jahid,
If you want to work with a custom challenge scheme, you have two sides to
cover.
The first one defines how to actually use the scheme. It essentially means
setting up a Guard like this:
myGuard = new Guard(context, new ChallengeScheme("ABC", "myRealm");
If your scheme has non common parameters, beside "identifier/secret" for
example, you might need a Guard subclass.
Now you need the engine to support your scheme, by formatting and parsing
the HTTP headers ("WWW-Authenticate" and "Authorization"). For this you need
to provide an AuthenticationHelper subclass as indicated by Rhett.
You can either make the engine auto-register it by adding a file
"META-INF/services/com.noelios.restlet.AuthenticationHelper" with the
qualified class name in it, either manually register it as Rhett pointed to.
If you are up to this task, I recommend that you have a look at existing
schemes to see how it is actually used: see the
"com.noelios.restlet.authentication" package.
Best regards,
Jerome
> -Message d'origine-
> De : Rhett Sutphin [mailto:[EMAIL PROTECTED]
> Envoyé : mardi 4 mars 2008 17:55
> À : discuss@restlet.tigris.org
> Objet : Re: Authentication Header
>
> Hi,
>
> On Mar 4, 2008, at 9:59 AM, Jahid wrote:
>
> > On server side, I am trying to set a header which will look like
> > this
> >
> > "ABC realm="", challenge-
> > container="salkfadfo823w9283oinfskefn2398wenfdsk";
> >
> > Can anyone tell me how can I achieve that? Here I want to mention
> > that, I
> > dont/can't change the challenge format. So, don't ask me to do
> > that :), also i
> > want the challenge to go on server side as
> "WWW-Authenticate" header
> > with a
> > status code 201.
>
>
> I'm not sure (I haven't tried it yet myself), but I think that you
> create a ChallengeRequest object and set it in the Response. In 1.1-
> M2, it seems like one way to do this would be by extending Guard and
> overriding the challenge method. If you are using the reference
> engine implementation (NRE), you could also implement
> com.noelios.restlet.authentication.AuthenticationHelper and register
> your implementation using Engine#registerAuthentication.
>
> N.b.: like I said before, I haven't tried any of this myself yet. I
> just happen to be looking into implementing a custom authentication
> scheme today.
>
> Rhett
>
>