1. Home

Product groups

Support

Re: Digest authentication problem - WeOnlyDo Discussion board

Re: Digest authentication problem (General questions)

by paul draper, Wednesday, August 17, 2005, 16:17 (7037 days ago) @ wodSupport

Hi guys,

I've done some more investigation.

I've removed the proxy from the equation and still have problems.

If I connect to the web server directly I see the following using a packet sniffer:

I receive a 401 response with the following digest authentication challange

WWW-Authenticate: Digest realm= dtt ,
nonce= CKCmVoj+AwA=5acdd81365dcb1bed622e5fa39fda99394be4246 ,
algorithm=MD5,
domain= /var/www/html/digest/ http://192.168.0.92/digest ,
qop= auth

I provide username and password when requested, I see a request go to the server with the following authorization header:

Authorization: Digest username= datatrack ,
realm= dtt ,
qop= auth ,
algorithm= MD5 ,
uri= /digest ,
nonce= CKCmVoj+AwA=5acdd81365dcb1bed622e5fa39fda99394be4246 ,
nc=00000001,
cnonce= 0eaea6e30cbb4541cde4e4757b3e1c05 ,
response= 128f21db62276c6318c6b56ebebc7e60

The sever then correctly returns the page for me to display.

I have also captured the output from the the HttpDLX component in the debug file:

I get a 401 response with the authentication challange

WWW-Authenticate: Digest realm= dtt ,
nonce= mGtRSoj+AwA=10a178bcdf03bb887a670df9acdbe14ac0f5aef2 ,
algorithm=MD5,
domain= /var/www/html/digest/ http://192.168.0.92/digest ,
qop= auth

the httpdlx replies with the following authorization:

Authorization: Digest username= datatrack ,
realm= dtt ,
qop= auth ,
algorithm= md5 ,
uri= /digest ,
nonce= mGtRSoj+AwA=10a178bcdf03bb887a670df9acdbe14ac0f5aef2 ,
nc= 00000002 ,
cnonce= 477852d9077dd2532cd2c15ce7388b80 ,
opaque= ,
response= 7d0900cf0168e23489fabaced6c98e76

however, instead of getting a 200 OK and the requested page you get a 401 and the who thing happens again. This then continues indefinately looping sending the response and getting back the 401.

The only real difference I can see between the messages is that the nc field is double quoted in the httpdlx message and isn't in the browser one. Could this be causing the problem???

any help would be gratefully received.

Thanks Paul.

locked
2113 views

Complete thread:

 

It was no small factor, however, that your support in getting me up and running made me buy from you.

Charles Taylor
InterWeave, Inc.

It was no small factor, however, that your support in getting me up and running made me buy from you.

Charles Taylor
InterWeave, Inc.

...with WOD's excellent support I was able to bypass Winsock and focus on the task at hand...

Sander Pool
Rhapsody Networks

Thank you for the great customer service ... I am really impressed with the wodSSH ActiveX control.

Andrew Ross
Kiwi Enterprises

Just thought you'd like to know that my gateway app with your SMTP Server component held the line against a DDOS attack today...

Chris Langsenkamp
Clever Technologies

This has been, by far, the best experience I have ever had dealing with a support entity in my long career in the technical arena

Frank Kloskowski
GlobalCare Inc.

I really like these products - they are consistently first rate!

David Witten
WWR Development, Inc.

I've heard that you are amazing with your replies coming back so quickly - and now I've seen the speed in which you reply first hand.

Andrew Narracott
Sun Computer Consultancy

I've heard that you are amazing with your replies coming back so quickly - and now I've seen the speed in which you reply first hand.

Andrew Narracott
Sun Computer Consultancy

I would highly recommend this to anyone who needs a good quality SFTP solution.

Ian D. Mead, author of UltraEdit-32
IDM Computer Solutions