HTTP digest authentication support
----------------------------------
Key: JCR-2773
URL: https://issues.apache.org/jira/browse/JCR-2773
Project: Jackrabbit Content Repository
Issue Type: New Feature
Reporter: Douglas Jose
Attachments: http-digest.patch
I have extended Jackrabbit to allow HTTP digest authentication through WebDAV,
as Windows 7 can't connect to a WebDAV repository using basic authentication.
The implementation is based on Tomcat's source code (I have used it as a
reference to implement the same authentication handling in Jackrabbit). I hope
that's not a problem.
In order to enable the digest authentication, you need to:
- Change the WebDAV servlet from
'org.apache.jackrabbit.j2ee.SimpleWebdavServlet' to
'org.apache.jackrabbit.j2ee.DigestWebdavServlet' in the web.xml file;
- Change the LoginModule to
'org.apache.jackrabbit.core.security.simple.DigestLoginModule' in the
repository.xml file
- Add the parameter 'passwordsFile' to the DigestLoginModule with the path of
the passwords file.
- Add to the passwords file created above the user id and the password digest.
The utility DigestPasswordUtil in the jackrabbit-jcr-commons project can be
used to generate the entry to be appended to the passwords file.
java -cp target/jackrabbit-jcr-commons-2.2-SNAPSHOT.jar
org.apache.jackrabbit.util.DigestPasswordUtil user realm password
The DigestLoginModule configuration is optional, I believe the
DigestWebdavServlet should work normally with the SimpleLoginModule which
accepts any credentials.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
