Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-1905: Added footnote to password encoding for digest authentication 

Technically digest authentication can allow for encoded passwords, but
it needs to be in the correct format. This update adds a footnote to clarify this.

Previously the documentation stated that passwords must be in clear text.
This commit is contained in:
Rob Winch 2012-07-11 13:00:06 -05:00
parent 40ccbedefd
commit bfd09f7603
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/manual/src/docbook/basic-and-digest-auth.xml
View File

@ -138,9 +138,12 @@
<para>The configured <interfacename>UserDetailsService</interfacename> is needed because
<literal>DigestAuthenticationFilter</literal> must have direct access to the clear
text password of a user. Digest Authentication will NOT work if you are using
encoded passwords in your DAO. The DAO collaborator, along with the
<literal>UserCache</literal>, are typically shared directly with a
<classname>DaoAuthenticationProvider</classname>. The
encoded passwords in your DAO <footnote>It is possible to encode the password in the
format HEX( MD5(username:realm:password) ) provided the
<code>DigestAuthenticationFilter.passwordAlreadyEncoded</code> is set to <code>true</code>.
However, other password encodings will not work with digest authentication.</footnote>. The DAO
collaborator, along with the <literal>UserCache</literal>, are typically shared directly
with a <classname>DaoAuthenticationProvider</classname>. The
<literal>authenticationEntryPoint</literal> property must be
<classname>DigestAuthenticationEntryPoint</classname>, so that
<classname>DigestAuthenticationFilter</classname> can obtain the correct