From: Ronald J Kimball Date: Tue, 14 Dec 2010 19:55:03 +0000 (+0000) Subject: Improve documentation for authenticate_digest() X-Git-Tag: v1.013~1 X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=catagits%2FCatalyst-Authentication-Credential-HTTP.git;a=commitdiff_plain;h=1cd102dc545e92cac6b163c26492e03662932081 Improve documentation for authenticate_digest() depends on Catalyst::Plugin::Cache, not Catalyst::Plugin::Session reorganize and clarify --- diff --git a/Changes b/Changes index c22f75e..f5c5b14 100644 --- a/Changes +++ b/Changes @@ -3,6 +3,9 @@ - Make Test::Exception and Test::MockObject be listed as test_requires rather than requires (RT#54029) - Skip WWW::Mech tests unless WWW::Mech is a new enough version (RT#55303). + - Improve documentation for authenticate_digest() (rjk) + - depends on Catalyst::Plugin::Cache, not Catalyst::Plugin::Session + - reorganize and clarify 1.012 2010-03-07 - Move actions out of the test applications to stop warnings. diff --git a/lib/Catalyst/Authentication/Credential/HTTP.pm b/lib/Catalyst/Authentication/Credential/HTTP.pm index 5897b57..1e2648d 100644 --- a/lib/Catalyst/Authentication/Credential/HTTP.pm +++ b/lib/Catalyst/Authentication/Credential/HTTP.pm @@ -528,12 +528,17 @@ Performs HTTP basic authentication. =item authenticate_digest $c, $realm, \%auth_info -Performs HTTP digest authentication. Note that the password_type B by I for -digest authentication to succeed, and you must have L in -your application as digest authentication needs to store persistent data. +Performs HTTP digest authentication. -Note - if you do not want to store your user passwords as clear text, then it is possible -to store instead the MD5 digest in hex of the string '$username:$realm:$password' +The password_type B be I for digest authentication to +succeed. If you do not want to store your user passwords as clear +text, you may instead store the MD5 digest in hex of the string +'$username:$realm:$password'. + +L is used for persistent storage of the nonce +values (see L). It must be loaded in your application, unless +you override the C and +C methods as shown below. Takes an additional parameter of I, the possible values of which are 'MD5' (the default) and 'MD5-sess'. For more information about 'MD5-sess', see section 3.2.2.2 in RFC 2617.