HTTP Digest support?

Hi there,

is it planned to add digest auth at some time ? It’s not that basic
auth is not useful, but it’s pretty weak on replay attacks. Nowadays,
every common browser supports digest auth so it would be really a
plus.

I’m also interested if it could support internal urls for the internal
password file, like X-Accel-Redirect does. It would be really useful
to delegate authentication to a third-party web application in a
multi-application setup.

Jonas P. wrote:

Hi there,

is it planned to add digest auth at some time ? It’s not that basic
auth is not useful, but it’s pretty weak on replay attacks. Nowadays,
every common browser supports digest auth so it would be really a
plus.

I’m also interested if it could support internal urls for the internal
password file, like X-Accel-Redirect does. It would be really useful
to delegate authentication to a third-party web application in a
multi-application setup.

Hi,

Any update on digest auth? I want to write a web service that would
connect to a remote third party web server for retrieving data. The
remote server requires digest authentication.

Thanks in advance.

+1

I believe if spnego fails its supposed to fall back to digest. I’d like
to have that implemented properly.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs