November 2017
Intermediate to advanced
420 pages
10h 29m
English
Content preview from RESTful Java Web Services - Third Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
HTTP digest authentication
To overcome the challenge with using clear text login credentials in HTTP basic authentication, the cryptographic hash of the login credentials are used for HTTP digest authentication. The client sends a one-way cryptographic hash of the username, password, and a few other security-related fields using the MD5 message-digest hash algorithm. When the server receives the request, it regenerates the hashed value for all the fields used by the client to generate the hash and compare it with the one present in the request. If the hashes match, the request is treated as authenticated and valid. To follow the steps of configuring the digest authentication realm in the GlassFish server, refer to Chapter 2, Administering ...