... I have been searching through the forum for some info regarding digest authentication (server side).
is there any function to have the nusoap server require a digest authentication or I have to managed that with pure php?
I mean, do I need to do something like that?
$realm = 'Restricted area';
$users = array('*****' => '***', 'guest' => 'guest');
if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Digest realm="'.$realm.
'",qop="auth",nonce="'.uniqid().'",opaque="'.md5($realm).'"');
die('Text to send if user hits Cancel button');
}
// analyze the PHP_AUTH_DIGEST variable
if (!($data = http_digest_parse($_SERVER['PHP_AUTH_DIGEST'])) ||
!isset($users[$data['username']]))
die('Wrong Credentials!');
// generate the valid response
$A1 = md5($data['username'] . ':' . $realm . ':' . $users[$data['username']]);
$A2 = md5($_SERVER['REQUEST_METHOD'].':'.$data['uri']);
$valid_response = md5($A1.':'.$data['nonce'].':'.$data['nc'].':'.$data['cnonce'].':'.$data['qop'].':'.$A2);
if ($data['response'] != $valid_response)
die('Wrong Credentials!');
|
or could this thing be managed directly with nusoap_server class?
I tried to use setCredentials but php said me that this method is not part of nusoap_server class.
Is there anywhere a complete client/server examples using digest authentication ??
TIA
RSS2 Feed
Posted: Wed Nov 18, 2009 5:25 pm
