public static String encodePasswordInA1Format(String username, String realm, String password) { String a1 = username + ":" + realm + ":" + password; String a1Md5 = md5Hex(a1); return a1Md5; }
protected String clientDigestString( String serverDigestString, String username, String password, String method) { String section212response = serverDigestString.substring(7); String[] headerEntries = DigestAuthUtils.splitIgnoringQuotes(section212response, ','); Map<String, String> headerMap = DigestAuthUtils.splitEachArrayElementAndCreateMap(headerEntries, "=", "\""); String realm = headerMap.get("realm"); String qop = headerMap.get("qop"); String nonce = headerMap.get("nonce"); String uri = "/foo/bar"; String nc = "00000001"; String cnonce = "0a4f113b"; String opaque = "5ccc069c403ebaf9f0171e9517f40e41"; String responseString = DigestAuthUtils.generateDigest( false, username, realm, password, method, uri, qop, nonce, nc, cnonce); String template = "Digest username=\"{0}\",realm=\"{1}\""; template += ",nonce=\"{2}\",uri=\"{3}\""; template += ",qop=\"{4}\",nc=\"{5}\""; template += ",cnonce=\"{6}\",response=\"{7}\""; template += ",opaque=\"{8}\""; return MessageFormat.format( template, username, realm, nonce, uri, qop, nc, cnonce, responseString, opaque); }
@Override public String getCacheKey(HttpServletRequest request) { if (request.getSession(false) != null) // no caching if there is an HTTP session return null; String header = request.getHeader("Authorization"); if ((header != null) && header.startsWith("Digest ")) { String section212response = header.substring(7); String[] headerEntries = DigestAuthUtils.splitIgnoringQuotes(section212response, ','); Map<String, String> headerMap = DigestAuthUtils.splitEachArrayElementAndCreateMap(headerEntries, "=", "\""); String username = headerMap.get("username"); String realm = headerMap.get("realm"); String nonce = headerMap.get("nonce"); String responseDigest = headerMap.get("response"); if (StringUtils.hasLength(username) == false || StringUtils.hasLength(realm) == false || StringUtils.hasLength(nonce) == false || StringUtils.hasLength(responseDigest) == false) return null; if (GeoServerUser.ROOT_USERNAME.equals(username)) return null; StringBuffer buff = new StringBuffer(); buff.append(username).append(":"); buff.append(realm).append(":"); buff.append(nonce).append(":"); buff.append(responseDigest); return buff.toString(); } else { return null; } } /** @see org.geoserver.security.filter.GeoServerAuthenticationFilter#applicableForHtml() */
String a1Md5 = null; String a2 = httpMethod + ":" + uri; String a2Md5 = md5Hex(a2); a1Md5 = DigestAuthUtils.encodePasswordInA1Format(username, realm, password); String digestMd5 = new String(md5Hex(digest));
String[] splitThisArrayElement = split(postRemove, delimiter);