Re: Question about CURLOPT_HTTPAUTH
Date: Tue, 29 Jul 2003 00:23:47 +0200 (CEST)
On Mon, 28 Jul 2003, James Gallagher wrote:
> I have a possibly naive question about the HTTPAUTH feature of
> libcurl-7.10.6. I have an application that needs to use authentication.
> Basic authentication is OK, but I'd prefer Digest. When I call:
> curl_easy_setopt(d_curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_BASIC);
> Authentication works just fine. However, when I use:
> or just CURLAUTH_DIGEST alone, authentication fails. I can see with VERBOSE
> and a DEBUGFUNCTION that with CURLAUTH_BASIC an Authorization header is send
> to the server (here's what it looks like: Authorization: Basic
> amltZzp3YXNfcXVpdA==, which seems odd since I thought with Basic
> authenticationthe username and password would be sent as plain text...) but
> with BASIC|DIGEST or DIGEST, there's no such header.
First, the Basic credentials are plain text base64 encoded. (As Scott already
Digest authentication requires an initial request to get a "WWW-Authenticate:
Digest" header back that contains the nonce needed for doing subsequent
request which then should get a proper response back (if the name and password
> Can anybody tell me how to get Digest authentication working or what I'm
> doing wrong? If so, I'd really appreciate it.
What headers do you get back in the first response?
(I just now wrote up a fresh test case that tests Basic or Digest, and it
seems to work fine...)
-- Daniel Stenberg -- curl: been grokking URLs since 1998 ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01Received on 2003-07-29