[Date Prev][Date Next] [Chronological] [Thread] [Top]

anyone here expert on SASL & digest auth in http?

I just have a theoretical question; can digest authentication as used by
http be tunneled through a servlet engine to authenticate against
openldap using DIGEST-MD5 auth?

I currently believe this is not possible since the http client would use
a username different from the DN used by the cyrus SASL MD5 algorithm,
and in addition, a http digest sequence involves the use of an nounce
number as a salt in addition.

Anyone got any definite answer on this?

- Torgeir