Hi! I'm still messing with the "Digest Auth". I read the RFC for "Digest Auth" (RFC2617) and found out that header from LJ-powered server differs from RFC. However, when I try to connect to some page appending "?auth=digest", browser understands that correct. So obviously there is something that I don't understand. Can somebody please explain me, where should I look for "opaque"?
Sample header from RFC HTTP/1.1 401 Unauthorized WWW-Authenticate: Digest realm="firstname.lastname@example.org", qop="auth,auth-int", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", opaque="5ccc069c403ebaf9f0171e9517f40e41" (.. all the rest of header)
Digest Auth header from LJ HTTP/1.0 401 Authentication required Date: Tue, 12 Apr 2005 13:41:19 GMT Server: Apache Set-Cookie: ljuniq=Uy0wAsQozZQTqTv:1113313279; expires=Saturday, 11-Jun-2005 13:41:19 GMT; domain=.livejournal.com; path=/ WWW-Authenticate: Digest realm="lj", nonce="c0:1113310800:2479:180:EBUyeZRYSpV6g0vDsk5A:4bb0828f68a63616d53fd0c5978de840", algorithm=MD5, qop="auth" Connection: close Content-Type: text/html
Digest Auth header from our Latvian LJ-powered server HTTP/1.1 401 Authentication required Date: Wed, 13 Apr 2005 05:54:44 GMT Server: Apache-AdvancedExtranetServer/1.3.28 WWW-Authenticate: Digest realm="lj", nonce="c0:1113368400:3250:180:k4ytdzqZbOz3SAOE4kDY:4c079653aa5445e45225c56644dad5c5", algorithm=MD5, qop="auth" Content-Type: text/html; charset=iso-8859-1 Via: 1.1 journal.bad.lv X-Cache: MISS from journal.bad.lv Connection: close Transfer-Encoding: chunked
[14.01.2005 8:48 GMT + 0300] I apologize to everyone whose friends page I broke with this entry. I didn't thought of that.
Besides, my Gmail stuck and I got all these replies only early this morning.