Persisting credentials to be used with HTTP Digest authentication

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Persisting credentials to be used with HTTP Digest authentication

Fabian Mandelbaum
Hello,

I'm trying to switch from HTTP Basic (through an HTTPS channel) to HTTP Digest (keeping the HTTPS channel) authentication.

I'm currently testing without HTTPS, and I was wondering how should my 'backend' store the user credentials.

Currently I'm using an MD5 hash of the password, so I cannot retrieve the 'clear text' password apparently needed by a LocalVerifier.

Is storing the clear text password the ONLY way I can use HTTP Digest authentication for my Restlet application, or is there another way where I can use HTTP Digest while keeping the password stored securely?

Thanks in advance for your answers.

--
Fabián Mandelbaum
IS Engineer
Loading...