W3C Jigsaw


All resources All frames

DigestAuthFilter

The DigestAuthFilter provides digest authentication mechanism, as described in draft-ietf-http-authentication. It is just a test implementation, and only the password authentication is done, unlike GenericAuthFilter which provides also IP authentication. A new interface will be around soon.

The filter is configured to allow only some users or groups of users to access the information it protects. User are stored in a realm database. If no users are specified, all the users of the realm are allowed.

You should also note that if the filter is set on the protocol frame of a Container, it will protect also all its childs recursively.


Inherits

The DigestAuthFilter class inerits from the following classes:


Attributes description

The DigestAuthFilter defines the following attributes:


users
semantics
The list of the users in this realm, that are allowed to access the information protected by this filter
type
This attribute is an editable StringArrayAttribute
default value
This attribute defaults to null.


groups
semantics
The list of groups allowed to access informations protected by this filter.
type
This attribute is an editable StringArrayAttribute
default value
This attribute defaults to null.


algorithm
semantics
The algorithm used to encode/decode information, could be SHA, MD5 or some others.
type
This attribute is an editable StringAttribute
default value
This attribute defaults to "MD5".


nonce_ttl
semantics
The Time To Live of the nonce (somewhere linked to the challenge). To avoid attack by repetition, you should set it to a low value, but if the value is too low, it may generate too many round trips between the client and the server. The unit is one second.
type
This attribute is an editable IntegerAttribute
default value
This attribute defaults to 300.


Jigsaw Team
$Id: org.w3c.jigsaw.auth.DigestAuthFilter.html,v 1.1 1999/03/24 09:29:40 bmahe Exp $