How can I Set Realm and Client Nonce in ADVANCED of Authorization Digest Auth

Question

How can I Set Realm and Client Nonce in ADVANCED of Authorization Digest Auth

JustZK opened this issue 3 years ago · 3 comments

Hi, I would like to modify the value of Realm and Client Nonce in the advanced management of Authorization Digest Auth. How can I change it?

Lotsssss of thanks!

Answer 1 · 2021-06-04T06:52:10.000Z

Good issues

Answer 2 · 2021-06-07T06:55:01.000Z

hi, right now there is no way to influence the client nonce. I am not entirely sure what you mean by "advanced management" however, per definition, the client nonce should be a random number created by the client for every authentication flow. The current implementation is based on the apache httpclient digest auth scheme, since it didnt have this feature either, I am very surprised that someone needs it here.

Regarding the Realm, this is solely dependent on the server. There is no way to influence the realm on the client.

Answer 3 · 2021-07-05T02:32:50.000Z

Thank you for your reply! You are right. I read the digest rules again and confirmed that what you said is completely correct by a TCP Socket demo .