[jira] Commented: (JCR-2773) HTTP digest authentication support

Mon, 11 Oct 2010 02:38:00 -0700 

    [ 
https://issues.apache.org/jira/browse/JCR-2773?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12919765#action_12919765
 ] 

Douglas Jose commented on JCR-2773:
-----------------------------------

I haven't chose the components in this issue as the code is spread through 
several components (namely jackrabbit-core, jackrabbit-jcr-server, 
jackrabbit-jcr-commons and jackrabbit-webapp). I am not sure if I chose the 
best components and packages for the new classes in the attached patch.

> HTTP digest authentication support
> ----------------------------------
>
>                 Key: JCR-2773
>                 URL: https://issues.apache.org/jira/browse/JCR-2773
>             Project: Jackrabbit Content Repository
>          Issue Type: New Feature
>            Reporter: Douglas Jose
>         Attachments: http-digest.patch
>
>
> I have extended Jackrabbit to allow HTTP digest authentication through 
> WebDAV, as Windows 7 can't connect to a WebDAV repository using basic 
> authentication.
> The implementation is based on Tomcat's source code (I have used it as a 
> reference to implement the same authentication handling in Jackrabbit). I 
> hope that's not a problem.
> In order to enable the digest authentication, you need to:
> - Change the WebDAV servlet from 
> 'org.apache.jackrabbit.j2ee.SimpleWebdavServlet' to 
> 'org.apache.jackrabbit.j2ee.DigestWebdavServlet' in the web.xml file;
> - Change the LoginModule to 
> 'org.apache.jackrabbit.core.security.simple.DigestLoginModule' in the 
> repository.xml file
> - Add the parameter 'passwordsFile' to the DigestLoginModule with the path of 
> the passwords file.
> - Add to the passwords file created above the user id and the password 
> digest. The utility DigestPasswordUtil in the jackrabbit-jcr-commons project 
> can be used to generate the entry to be appended to the passwords file.
> java -cp target/jackrabbit-jcr-commons-2.2-SNAPSHOT.jar 
> org.apache.jackrabbit.util.DigestPasswordUtil user realm password
> The DigestLoginModule configuration is optional, I believe the 
> DigestWebdavServlet should work normally with the SimpleLoginModule which 
> accepts any credentials.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to