[Date Prev][Date Next]
anyone here expert on SASL & digest auth in http?
I just have a theoretical question; can digest authentication as used by
http be tunneled through a servlet engine to authenticate against
openldap using DIGEST-MD5 auth?
I currently believe this is not possible since the http client would use
a username different from the DN used by the cyrus SASL MD5 algorithm,
and in addition, a http digest sequence involves the use of an nounce
number as a salt in addition.
Anyone got any definite answer on this?