tags:

views:

31

answers:

0

Is there a way to validate digest authentication using LDAP only? I.e. if I have the following request from a client (stealed from Wikipedia):

GET /dir/index.html HTTP/1.0
Host: localhost
Authorization: Digest username="Mufasa",
                      realm="[email protected]",
                      nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
                      uri="/dir/index.html",
                      qop=auth,
                      nc=00000001,
                      cnonce="0a4f113b",
                      response="6629fae49393a05397450978507c4ef1",
                      opaque="5ccc069c403ebaf9f0171e9517f40e41"

could I validate the user against LDAP, meaning if I don't now user password hence is not able to construct a digest hash to compare with the response?