Digest authentication with passwordAlreadyEncoded=true
My app needs to support basic authentication and also digest authentication in various different modules (to support a WebDAV service in fact).
To this end I store both a "real" encrypted password and the ha1 hash for message digest authentication. I suppose I could store plaintext passwords, but I really don't like that idea.
When configuring the module to use digest authentication, however, I can see how to configure the DigestProcessingFilter to manage the appropriate digest headers (the service for this creates a UserDetails object with the ha1 value in the password property) but not how to configure the FilterSecurityInterceptor to deal with the pre-encrypted value.
Here's how that first part's currently set up:
Help?Code:<!-- Creates a UserDetails object with the ha1 value for the password property (the default implementation via securityService contains a differently encrypted password value) --> <bean id="digestUserDetailsService" class="com.fatmoggy.lola.security.service.DigestUserDetailsService"> <property name="userDetailsService" ref="securityService"/> </bean> <!-- Configured to expect ha1 passwords --> <bean id="digestProcessingFilter" class="org.springframework.security.ui.digestauth.DigestProcessingFilter"> <property name="userDetailsService" ref="digestUserDetailsService" /> <property name="authenticationEntryPoint" ref="digestProcessingFilterEntryPoint"/> <property name="passwordAlreadyEncoded" value="true"/> </bean> <bean id="digestProcessingFilterEntryPoint" class="org.springframework.security.ui.digestauth.DigestProcessingFilterEntryPoint"> <property name="realmName" value="fatmoggy.com" /> <property name="key" value="FatMoggy"/> <property name="nonceValiditySeconds" value="10" /> </bean>
