On Thu, Jul 1, 2010 at 2:18 PM, Juha Heinanen jh@tutpro.com wrote:
Jan Janak writes:
It has been obsoleted because all the function did was to send a reply with digest challenge included. We achieve the same in the configuration file with a combination of append_to_reply and sl_reply:
if (!proxy_authenticate("$fd.digest_realm", "credentials")) { if ($? == -2) { sl_reply("500", "Internal Server Error"); } else if ($? == -3) { sl_reply("400", "Bad Request"); } else { if (defined $digest_challenge && $digest_challenge != "") { append_to_reply("%$digest_challenge"); } sl_reply("407", "Proxy Authentication Required"); } drop; }
jan,
thanks for the explanation. what value should i give to $digest_challenge variable so that proper Proxy-Authenticate header is included in the reply?
The whole header field, including the header field name and terminating CRLF. The function build_challenge_hf in modules_s/challenge.c can do this for you. The auth module exports the function through its API so you can easily reuse it.
See the function "authenticate" in modules_s/auth_db/authorize.c for an example, grep for the string "build_challenge".
-Jan