Skip to content

afs/http-digest-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
src
src
 
 
webapp
webapp
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
NOTICE
NOTICE
 
 
README.md
README.md
 
 
log4j.properties
log4j.properties
 
 
passwd
passwd
 
 
pom.xml
pom.xml
 
 
shiro.ini
shiro.ini
 
 

Repository files navigation

HTTP Digest Authentication

https://github.com/afs/http-digest-auth
org.seaborne:http-digest-auth

Why digest authentication?

Sometimes, something lighter than https is the needed or not assuming https setup. https is not easy to setup.

For example, from a small device or when making a few API calls.

But basic authentication over http is revealing the password. At least digest authentication does not reveal the shared secret.

Use with care. "better than nothing" is not a general security solution.

This repository has code for:

  • A HTTP digest (RFC2617) engine
  • Stand-alone servlet filter
  • An integration with Apache Shiro

About

HTTP Digest Authentication

Resources

Readme

License

Apache-2.0 license
Activity

Stars

17 stars

Watchers

5 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages