Basic & Digest Negotiation Authentication

views:

answers:

+1 Q:

Basic & Digest Negotiation Authentication

I'm writing a WebDav implementation. I have implemented both basic and digest authentication.

My problem is that Digest Authentication isn't implemented by all clients. (In particular Dreamweaver) While Windows Web Folders doesn't work when sent a basic http challenge.

Is it possible to do client/server negotiation (Http Negotiation/SPNEGO)? What would the headers look like?

+1 A:

Microsoft Web Folders supports basic via HTTPS. To use basic via HTTP you have to set on a client machine: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters\BasicAuthLevel to 2.

Here is more info about this: http://www.webdavsystem.com/server/documentation/authentication/basic_auth_vista

2010-08-18 17:43:46

Still doesn't work, Windows Web Folders only supports Digest

Elijah Glover 2010-08-19 03:44:49

As far as I remember you need to reboot the computer after the above registry changes.Please also make sure you truncate everything that goes before '\'. Vista and 7 may attach domain name to Authorization header.

2010-08-20 16:35:34

The web folders dialogue is often broken on Windows (do not know by which update, but it affects certain WinXp constellations and both Vista and 7)

The net use * http://my-webdav-resource/ command line does mostly work in my experience, even when the wizard won't connect. But to use Basic-Auth on plain HTTP you will need to change the registry as described above for Vista/7.

Thomas Weber 2010-09-16 21:31:40

ansaurus

tags:

views:

answers:

Basic & Digest Negotiation Authentication

related questions