jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Douglas Jose (JIRA)" <j...@apache.org>
Subject [jira] Created: (JCR-2773) HTTP digest authentication support
Date Mon, 11 Oct 2010 09:31:32 GMT
HTTP digest authentication support

                 Key: JCR-2773
                 URL: https://issues.apache.org/jira/browse/JCR-2773
             Project: Jackrabbit Content Repository
          Issue Type: New Feature
            Reporter: Douglas Jose
         Attachments: http-digest.patch

I have extended Jackrabbit to allow HTTP digest authentication through WebDAV, as Windows
7 can't connect to a WebDAV repository using basic authentication.
The implementation is based on Tomcat's source code (I have used it as a reference to implement
the same authentication handling in Jackrabbit). I hope that's not a problem.

In order to enable the digest authentication, you need to:

- Change the WebDAV servlet from 'org.apache.jackrabbit.j2ee.SimpleWebdavServlet' to 'org.apache.jackrabbit.j2ee.DigestWebdavServlet'
in the web.xml file;
- Change the LoginModule to 'org.apache.jackrabbit.core.security.simple.DigestLoginModule'
in the repository.xml file
- Add the parameter 'passwordsFile' to the DigestLoginModule with the path of the passwords
- Add to the passwords file created above the user id and the password digest. The utility
DigestPasswordUtil in the jackrabbit-jcr-commons project can be used to generate the entry
to be appended to the passwords file.

java -cp target/jackrabbit-jcr-commons-2.2-SNAPSHOT.jar org.apache.jackrabbit.util.DigestPasswordUtil
user realm password

The DigestLoginModule configuration is optional, I believe the DigestWebdavServlet should
work normally with the SimpleLoginModule which accepts any credentials.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message