[jboss-jira] [JBoss JIRA] (ELY-1485) HTTP DIGEST requires cnonce to be base64
Jan Kalina (JIRA)
issues at jboss.org
Wed Jan 10 09:18:00 EST 2018
[ https://issues.jboss.org/browse/ELY-1485?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jan Kalina closed ELY-1485.
---------------------------
Resolution: Rejected
Sorry, my fault, mismatched nonce and cnonce, it is required only for server nonce, which is correct.
> HTTP DIGEST requires cnonce to be base64
> ----------------------------------------
>
> Key: ELY-1485
> URL: https://issues.jboss.org/browse/ELY-1485
> Project: WildFly Elytron
> Issue Type: Bug
> Components: HTTP
> Affects Versions: 1.2.0.Beta11
> Reporter: Jan Kalina
> Assignee: Jan Kalina
> Labels: digest
>
> NonceManager of HTTP DIGEST mechanism requires nonce to base64 encoded value, otherwise it fails on DecodeException.
> In RFC there is no requirement for client to use base64 value as cnonce. There is only recommendation for server nonce:
> {panel}
> nonce
> A server-specified data string which MUST be different each time a
> digest-challenge is sent as part of initial authentication. It is
> *recommended* that this string be base64 or hexadecimal data.
> {panel}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list