Digest authentication with LDAP backend

From: Guilherme Buonfiglio de Castro Monteiro <guilherme.monteiro@dont-contact.us>
Date: Thu, 17 Mar 2005 09:25:12 -0300

Hi,

I'm developing a perl digest authentication program that uses LDAP as
backend.
It's near completion but I'm needing help with HHA1 return to Squid.
First I will explain what I'm doing:
1) I'm creating a new Ldap ObjectClass that has uid/digestInfo/ha1
2) digestInfo is join(":",$username,$realm)
    ha1 is md5_hex( join(":",$username,$realm,$password));
3) So for username:realm:password I have
    digestInfo=username:realm
    ha1=66999343281b2624585fd58cc9d36dfc
4) My program should receive "a line containing "username":"realm" and
replies with the appropriate H(A1) value base64 encoded or ERR if the
user (or his H(A1) hash) does not exists." (this was extracted from
squid.conf for auth_param digest).
Actually it's receiving it. :-)
5) Then I issue a ldapsearch (digestInfo=".$digestInfo") and read the
attribute ha1
6) Then I return $hha1 = encode_base64($ha1); I know that I'm missing
the point at this moment!!!
I know ha1 is correct. I've already compared with results from apache
htdigest program. But what Squid want's is not the encode_base64($ha1).

I'll be glad for any help with this issue. Also I will release "GPL'ed"
both code and some kind of how-to after fix this.

Best Regards,
Guilherme Buonfiglio de Castro Monteiro
Received on Mon Mar 21 2005 - 12:04:29 MST

This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:04 MST