[Twisted-Python] Something strange about cred
dreid at dreid.org
Fri Feb 9 11:19:38 EST 2007
-----BEGIN PGP SIGNED MESSAGE-----
On Feb 9, 2007, at 3:24 AM, Phil Mayers wrote:
> David Reid wrote:
>>> Death to HTTP digest authentication!
>> I don't know, I definitely prefer digest authentication to sending
>> my password in plaintext
> web2 auth is a much better architecture.
> I only spent a few hours looking at it (primarily looking at how
> Apples CalDAV server implemented SPNEGO - very neat)
The way Apple's CalDAV server uses web2 auth is kind of broken,
please don't use it as an example of how to use cred. It does some
very poor things because sometimes I'm an idiot.
> but it seemed to me that it could issue multiple WWW-Authenticate
> headers and the browser should pick and reply to the appropriate one.
This is correct.
> Was my understanding correct? If so, why did the digest checker
> cause this?
The problem wasn't with a Digest checker it was with the lack of a
checker for the IUsernameHashedPassword credential interface. You
still need to have a checker that implements the interface of
whatever you are getting back from ICredentialFactory.decode. In
basic this is IUsernamePassword, for digest this is
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
-----END PGP SIGNATURE-----
More information about the Twisted-Python