Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-users] Digest authentication using hashed password in Jetty 6

Hi,

In order to avoid saving passwords in the clear on the server I was hoping to save the HA1 MD5 hash and then calculate HA2 using parameters (nonce etc) retrieved from the message digest and then authenticate against the HA2 value received in the authentication response. The required values seem to be available in the credentials passed back via the realm.authenticate() call in DigestAuthenticator.authenticate if I could cast the sub class Digest to the credentials. Unfortunately Digest is a private class within DigestAuthenticator.

Does anyone know how I can access the attributes stored within the Digest class to allow me to calculate HA2.

Thanks

PS sorry if I'm missing something obvious but completely new to Jetty


Back to the top