1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
<?xml version="1.0" encoding="UTF-8"?>
<!-- Reviewed: no -->
<sect1 id="zend.auth.adapter.digest">
<title>Digest Authentication</title>
<sect2 id="zend.auth.adapter.digest.introduction">
<title>Introduction</title>
<para>
<ulink url="http://en.wikipedia.org/wiki/Digest_access_authentication">Digest
authentication</ulink> is a method of <acronym>HTTP</acronym> authentication that
improves upon <ulink
url="http://en.wikipedia.org/wiki/Basic_authentication_scheme">Basic
authentication</ulink> by providing a way to authenticate without having to
transmit the password in clear text across the network.
</para>
<para>
This adapter allows authentication against text files containing lines having the basic
elements of Digest authentication:
</para>
<itemizedlist>
<listitem>
<para>
username, such as "<emphasis><filename>joe.user</filename></emphasis>"
</para>
</listitem>
<listitem>
<para>
realm, such as "<emphasis>Administrative Area</emphasis>"
</para>
</listitem>
<listitem>
<para>
<acronym>MD5</acronym> hash of the username, realm, and password, separated
by colons
</para>
</listitem>
</itemizedlist>
<para>
The above elements are separated by colons, as in the following example (in which the
password is "<emphasis>somePassword</emphasis>"):
</para>
<programlisting language="txt"><![CDATA[
someUser:Some Realm:fde17b91c3a510ecbaf7dbd37f59d4f8
]]></programlisting>
</sect2>
<sect2 id="zend.auth.adapter.digest.specifics">
<title>Specifics</title>
<para>
The digest authentication adapter, <classname>Zend_Auth_Adapter_Digest</classname>,
requires several input parameters:
</para>
<itemizedlist>
<listitem>
<para>
filename - Filename against which authentication queries are performed
</para>
</listitem>
<listitem>
<para>
realm - Digest authentication realm
</para>
</listitem>
<listitem>
<para>
username - Digest authentication user
</para>
</listitem>
<listitem>
<para>
password - Password for the user of the realm
</para>
</listitem>
</itemizedlist>
<para>
These parameters must be set prior to calling <methodname>authenticate()</methodname>.
</para>
</sect2>
<sect2 id="zend.auth.adapter.digest.identity">
<title>Identity</title>
<para>
The digest authentication adapter returns a <classname>Zend_Auth_Result</classname>
object, which has been populated with the identity as an array having keys of
<emphasis>realm</emphasis> and <emphasis>username</emphasis>. The respective array
values associated with these keys correspond to the values set before
<methodname>authenticate()</methodname> is called.
</para>
<programlisting language="php"><![CDATA[
$adapter = new Zend_Auth_Adapter_Digest($filename,
$realm,
$username,
$password);
$result = $adapter->authenticate();
$identity = $result->getIdentity();
print_r($identity);
/*
Array
(
[realm] => Some Realm
[username] => someUser
)
*/
]]></programlisting>
</sect2>
</sect1>
<!--
vim:se ts=4 sw=4 et:
-->
|
