> I think a realm value is required for Digest authentication, > but I don't think > we provide any way of supplying it. I am no expert on this, but I thought that the realm information is actually provided by the server, as part of the authentication challenge. The client then combines the username, password and the server-provided realm (and the 'nonce' value which is also provided by the server), and computes a MD5 hash which he then sends back to the server. Providing p:http-request with an explicit realm option would only make sense to me if p:http-request contained some logic for determining which username/password to pick for a particular authentication realm. But again, (thankfully) I don't enough about this, so I may be wrong. Regards, VojtechReceived on Wednesday, 10 December 2008 13:32:46 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 10 December 2008 13:32:47 GMT