I'm pretty sure I understand and have it set up correctly but I am clearly
missing something.
Here's what I have.
I've implemented the HttpAwsS3Verifier which wraps a LocalVerifier similar
to the DigestVerifier. My understanding was that this is how I can hook in
the actual identifier/password list and your response appears to confirm
that. Now in my application I have everything hooked up via Spring. Here is
what my beans look like...
<bean id="root" class="org.restlet.Application">
<constructor-arg index="0" ref="defaultRestletContext"/>
<property name="root">
<bean class="org.restlet.security.ChallengeAuthenticator">
<constructor-arg index="0" ref="defaultRestletContext"/>
<constructor-arg index="1" value="true"/>
<constructor-arg index="2">
<util:constant
static-field="org.restlet.data.ChallengeScheme.HTTP_AWS_S3"/>
</constructor-arg>
<constructor-arg index="3" value="localhost"/>
<constructor-arg index="4">
<bean
class="org.restlet.ext.crypto.internal.HttpAwsS3Verifier">
<constructor-arg index="0">
<bean
class="com.company.restlet.security.MyLocalVerifier"/>
</constructor-arg>
<constructor-arg index="1" value="true"/>
</bean>
</constructor-arg>
</bean>
</property>
</bean>
When my application is running and a request is sent I get the following
message...
*Challenge scheme HTTP_AWS not supported by the Restlet engine.*
I also get an authentication required required error sent back to the
client. I'm looking at the source for
org.restlet.ext.crypto.DigestAuthenticator but I do not see anything inside
that seems to set what ChallengeScheme is supported by it. I'm also
generally unclear where the mapping of ChallengeScheme to
Authenticator/Verifier occurs.
On Fri, May 14, 2010 at 6:58 AM, Thierry Boileau <
thierry.boil...@noelios.com> wrote:
> Hello Jean-Phillipe,
>
> that's a great news!
>
>
> > Now that I have all the pieces i'm ready to plug it in for testing and
> ultimately submission to the project.
> > I've been digging around a lot but am so far unable the location where
> the correct verifier is selected/instantiated for a given ChallengeScheme.
>
> Basically, a verifier is attached to an authenticator by the developer.
>
> If you have a look at the "crypto" extension, you will see a
> DigestAuthenticator that aims to handle Digest-based authentication,
> especially HTTP_DIGEST. This authenticator is aimed to be used as follow
> (see [1]):
>
> ***
>
> DigestAuthenticator guard = new DigestAuthenticator(null, "TestRealm",
> "mySecretServerKey");
>
> // Instantiates a Verifier of identifier/secret couples based on a simple
> Map.
> MapVerifier mapVerifier = new MapVerifier();
> // Load a single static login/secret pair.
> mapVerifier.getLocalSecrets().put("login", "secret".toCharArray());
> guard.setWrappedVerifier(mapVerifier);
>
> ***
>
> As you can see, a verifier is provided manually, and this verifier seems
> totally agnostic of the challenge scheme. That's true. You may have also
> noticed that this verifier is attached to the authenticator as a "wrapped"
> verifier.
> Actually, the DigestAuthenticator has its own verifier (see the
> constructor) which is an instance of DigestVerifier that wraps the user's
> one. This verifier supports a given ChallengeScheme which is HTTP_Digest.
> Here is an answer to your question.
> Another question is "why using a DigestVerifier that wraps a simple
> LocalVerifier?". The reason is that we try to support the case where the
> user's verifier leverages credentials that are already encrypted...
>
> I hope this get the things clearer, but I'm not really sure. Please let us
> know!
>
> Best regards,
> Thierry Boileau
>
> [1] http://wiki.restlet.org/docs_2.0/13-restlet/112-restlet.html
>
>
> Can you point me in the right direction? Ultimately it would be great if
> it "just worked." Any help on plugging this is would be greatly appreciated.
>
> On Sun, May 9, 2010 at 2:39 AM, Thierry Boileau <
> thierry.boil...@noelios.com> wrote:
>
>> Hello Jean-Philippe,
>>
>> unfortunately the server side has been implemented for the moment.
>>
>> Best regards,
>> Thierry Boileau
>>
>>
>> Hi,
>>
>> I'm using Amazon S3 authentication in my web application. I'm looking to
>> moving to restlet 2.0 from 1.1 and was wondering if there is finally a
>> server side implementation of the authentication protocol?
>>
>> Jean-Philippe Steinmetz
>>
>>
>
------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2609206
