To enable Digest Authentication, add the following lines to the paw/conf/handler.xml file just after the opening <handlers> tag:
<handler status="active">
<name>Digest Handler</name>
<description>Digest authentication handler.</description>
<removable>true</removable>
<id>authDigest</id>
<files/>
<params>
<param name="authDigest.class" value="sunlabs.brazil.handler.DigestAuthHandler" />
<param name="authDigest.prefix" value="/" />
<param name="authDigest.realm" value="Protected" />
<param name="authDigest.credentials" value="[PAW_HOME]/webconf/auth/digest.conf" />
</params>
</handler>
This configuration protects the whole web site, if you would only like to protect a single directory, you can change the prefix parameter.
Now create a file called paw/webconf/auth/digest.conf with the following content:
#--------------------------------------------------------- # Digest Authenticatin configuration #--------------------------------------------------------- # Format: # username=plain password # # Instead of the plain password, HA1 can be used: # md5(user:realm:pass) # # username=HA1 #--------------------------------------------------------- user=test
The sample user is called user, with the password test.
It is recommended to build the HA1 hash for security reasons.
For the changes to take effect, restart the server.
