Authentication from url in Restlet
Posted
by DutrowLLC
on Stack Overflow
See other posts from Stack Overflow
or by DutrowLLC
Published on 2010-06-17T16:09:26Z
Indexed on
2010/06/17
16:13 UTC
Read the original article
Hit count: 284
I've been using Restlets "ChallengeResponse" mechanism to authenticate users so far.
ChallengeResponse challengeResponse = getRequest().getChallengeResponse();
if( challengeResponse == null ){
throw new RuntimeException("not authenticated");
}
String login = challengeResponse.getIdentifier();
String password = new String(challengeResponse.getSecret());
From my understanding, "ChallengeResponse" requires that the username and password are put into headers. However a client needs to put the credentials into the url like so:
https://username:[email protected]/my_secure_document
When I looked at what was actually sent, it looks like the password is being hashed.
What is the proper way to authenticate in this fashion using Restlet?
© Stack Overflow or respective owner