I'm pretty sure I understand and have it set up correctly but I am clearly missing something.
Here's what I have. I've implemented the HttpAwsS3Verifier which wraps a LocalVerifier similar to the DigestVerifier. My understanding was that this is how I can hook in the actual identifier/password list and your response appears to confirm that. Now in my application I have everything hooked up via Spring. Here is what my beans look like... <bean id="root" class="org.restlet.Application"> <constructor-arg index="0" ref="defaultRestletContext"/> <property name="root"> <bean class="org.restlet.security.ChallengeAuthenticator"> <constructor-arg index="0" ref="defaultRestletContext"/> <constructor-arg index="1" value="true"/> <constructor-arg index="2"> <util:constant static-field="org.restlet.data.ChallengeScheme.HTTP_AWS_S3"/> </constructor-arg> <constructor-arg index="3" value="localhost"/> <constructor-arg index="4"> <bean class="org.restlet.ext.crypto.internal.HttpAwsS3Verifier"> <constructor-arg index="0"> <bean class="com.company.restlet.security.MyLocalVerifier"/> </constructor-arg> <constructor-arg index="1" value="true"/> </bean> </constructor-arg> </bean> </property> </bean> When my application is running and a request is sent I get the following message... *Challenge scheme HTTP_AWS not supported by the Restlet engine.* I also get an authentication required required error sent back to the client. I'm looking at the source for org.restlet.ext.crypto.DigestAuthenticator but I do not see anything inside that seems to set what ChallengeScheme is supported by it. I'm also generally unclear where the mapping of ChallengeScheme to Authenticator/Verifier occurs. On Fri, May 14, 2010 at 6:58 AM, Thierry Boileau < thierry.boil...@noelios.com> wrote: > Hello Jean-Phillipe, > > that's a great news! > > > > Now that I have all the pieces i'm ready to plug it in for testing and > ultimately submission to the project. > > I've been digging around a lot but am so far unable the location where > the correct verifier is selected/instantiated for a given ChallengeScheme. > > Basically, a verifier is attached to an authenticator by the developer. > > If you have a look at the "crypto" extension, you will see a > DigestAuthenticator that aims to handle Digest-based authentication, > especially HTTP_DIGEST. This authenticator is aimed to be used as follow > (see [1]): > > *** > > DigestAuthenticator guard = new DigestAuthenticator(null, "TestRealm", > "mySecretServerKey"); > > // Instantiates a Verifier of identifier/secret couples based on a simple > Map. > MapVerifier mapVerifier = new MapVerifier(); > // Load a single static login/secret pair. > mapVerifier.getLocalSecrets().put("login", "secret".toCharArray()); > guard.setWrappedVerifier(mapVerifier); > > *** > > As you can see, a verifier is provided manually, and this verifier seems > totally agnostic of the challenge scheme. That's true. You may have also > noticed that this verifier is attached to the authenticator as a "wrapped" > verifier. > Actually, the DigestAuthenticator has its own verifier (see the > constructor) which is an instance of DigestVerifier that wraps the user's > one. This verifier supports a given ChallengeScheme which is HTTP_Digest. > Here is an answer to your question. > Another question is "why using a DigestVerifier that wraps a simple > LocalVerifier?". The reason is that we try to support the case where the > user's verifier leverages credentials that are already encrypted... > > I hope this get the things clearer, but I'm not really sure. Please let us > know! > > Best regards, > Thierry Boileau > > [1] http://wiki.restlet.org/docs_2.0/13-restlet/112-restlet.html > > > Can you point me in the right direction? Ultimately it would be great if > it "just worked." Any help on plugging this is would be greatly appreciated. > > On Sun, May 9, 2010 at 2:39 AM, Thierry Boileau < > thierry.boil...@noelios.com> wrote: > >> Hello Jean-Philippe, >> >> unfortunately the server side has been implemented for the moment. >> >> Best regards, >> Thierry Boileau >> >> >> Hi, >> >> I'm using Amazon S3 authentication in my web application. I'm looking to >> moving to restlet 2.0 from 1.1 and was wondering if there is finally a >> server side implementation of the authentication protocol? >> >> Jean-Philippe Steinmetz >> >> > ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2609206