[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cannot get DIGEST with URL Authentication to work
Scott,
thanks for your response. Using http_getAuth() and http_setAuth() is
what I do in test procedure test_digest_auth_3(), which works nicely.
So do I correctly assume that calling
http_setAuth(HTTP_AUTH_MD5_DIGEST: ...) from setUrlAuth() is something
from the older days that is not used today?
Regards,
Thomas.
ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx schrieb am 11.05.2012 23:10:15:
> Von: sk@xxxxxxxxxxxxxxxx
> An: ftpapi@xxxxxxxxxxxxxxxxxxxxxx,
> Datum: 11.05.2012 23:36
> Betreff: Re: Cannot get DIGEST with URL Authentication to work
> Gesendet von: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
>
> Hi Thomas,
>
> DIGEST authentication must be established via http_getAuth and
> http_setAuth. If you include a userid/password in a URL, it's assumed
to
> be BASIC authentication.
>
> The steps to use digest are:
>
> 1) call http_xxx to connect to the site.
>
> 2) get back a -1 with http_error set to HTTP_NDAUTH
>
> 3) call http_getauth to determine whether basic or digest was used,
and
> to get the realm name.
>
> 4) prompt user for the userid/password. This screen should include
the
> realm name so the user knows what the userid/password is for.
>
> 5) Call http_setauth to set the values for userid/password. (the
output
> of http_getauth can be used to identify whether to pass BASIC or
DIGEST
> to setauth)
>
> Hope that makes sense.
>
> On 5/9/2012 1:42 PM, Thomas Raddatz wrote:
> > Hi folks,
> >
> > Is there somebody out there who uses DIGEST authentication combined
with
> > URL authentication?
> >
> > I have been trying to get it working for hours with no success.
> >
> > The standard way works nicely but when I add the user and password
to
> > the URL I cannot make it working.
> >
> > I assume that the problem is closely related to wkSaveAuth, which
> > overrides dsAuth after do_oper() was called. My understanding is
that
> > the following things happen when executing test_digest_auth_1() of
the
> > attached RPGUnit test program:
> >
> > a) The program calls http_url_get_raw() with the following URL:
> >
> > [1]http://admin@' + Job_getTcpIpAddr() + ':8080/digest/
> >
> > b) setUrlAuth() guesses to use BASIC authentication and moves
dsAuth to
> > wkSaveAuth.
> >
> > c) interpret_auth() retrieves the server authentication from the
> > response chain and populates dsAuth.
> >
> > d) After do_oper() wkSaveAuth is moved to dsAuth because wkSaveAuth
does
> > not equal to *BLANKS because some values of dsAuth are set to *OFF
in
> > interpret_auth(). The content of wkSaveAuth is: '000'
> >
> > e) The program calls http_setAuth() to switch to DIGEST
authentication.
> >
> > f) Because of e) dsAuth contains '200' when setUrlAuth() is called
the
> > second time. The former values set by interpret_auth() were lost
> > because of d) and hence setUrlAuth() again set BASIC
authentication.
> >
> > Procedure test_digest_auth_2() follows a different approach which
does
> > not work either.
> >
> > The only procedure that works for DIGEST authentication is
> > test_digest_auth_3() which does not use URL authentication.
> >
> > Any thoughts?
> >
>
-----------------------------------------------------------------------
> This is the FTPAPI mailing list. To unsubscribe, please go to:
> [2]http://www.scottklement.com/mailman/listinfo/ftpapi
>
-----------------------------------------------------------------------
--
IMPORTANT NOTICE:
This email is confidential, may be legally privileged, and is for the
intended recipient only. Access, disclosure, copying, distribution, or
reliance on any of it by anyone else is prohibited and may be a
criminal
offence. Please delete if obtained in error and email confirmation to
the sender.
References
1. http://admin@'/
2. http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------