www.openlinksw.com
docs.openlinksw.com

Book Home

Contents
Preface

Virtuoso Functions Guide

Administration
Aggregate Functions
Array Manipulation
BPEL APIs
Backup
Compression
Cursor
Date & Time Manipulation
Debug
Dictionary Manipulation
Encoding & Decoding
File Manipulation
Free Text
Hashing / Cryptographic
LDAP
Locale
Mail
Miscellaneous
Number
Phrases
RDF data
Remote SQL Data Source
Replication
SOAP
SQL
String
Transaction
Type Mapping
UDDI
User Defined Types & The CLR
Virtuoso Java PL API
Virtuoso Server Extension Interface (VSEI)
Web & Internet
dav add & update fun...
dav lock manipulatio...
dav manipulation fun...
dav search functions
dav_exp
lfs_exp
serv_queue_top
urlrewrite_create_re...
user_key_load
vhost_define
vhost_remove
webdav users & group...
client_attr
connection_get
connection_id
connection_is_dirty
connection_set
connection_vars
connection_vars_set
dbname
ftp_get
ftp_ls
ftp_put
get_certificate_info
get_keyword
get_keyword_ucase
http
http_acl_get
http_acl_remove
http_acl_set
http_body_read
http_client
http_client_ext
http_client_ip
http_debug_log
http_enable_gz
http_file
http_flush
http_get
http_header
http_header_get
http_kill
http_listen_host
http_map_get
http_map_table
http_param
http_path
http_pending_req
http_physical_path
http_proxy
http_request_get
http_request_header
http_request_status
http_rewrite
http_root
http_url
http_value
http_xslt
ses_connect
ses_disconnect
ses_read_line
ses_write
tcpip_gethostbyaddr
tcpip_gethostbyname
vsp_calculate_digest
wsdl_import_udt
XML
XPATH & XQUERY

Functions Index

vsp_calculate_digest

calculate on server-side a digest to perform a HTTP digest authentication
vsp_calculate_digest (in username varchar, in password varchar, in credentials any);
Description

The vsp_calculate_digest() function is used to calculate on server-side a digest to perform a HTTP digest authentication. When the authentication type is 'digest' the function will return a md5 checksum based on credentials, user name and password. The checksum calculation will be made as required for HTTP Digest authentication to compare against 'response' element of credentials. If the authentication is basic a NULL will be returned.

Parameters
username – A string with name of the user account name
password – A string with a plain text password from the users table (can be from external LDAP server etc.)
credentials – A vector of name/value pairs (the keyword and value are strings) of:
Table: 22.1. Valid values
Name Description
authtype 'digest' or 'basic'
realm from HTTP Authorization request header
method from HTTP request line
uri from HTTP Authorization request header
nonce from HTTP Authorization request header
nc from HTTP Authorization request header
cnonce from HTTP Authorization request header
qop from HTTP Authorization request header
response the client-side calculated digest

Return Types

A string containing md5 digest, if 'authtype' option is 'digest'. Otherwise returns null.

Examples
A VSP page performing digest authentication

The following page check for digest authentication and returns OK if authentication succeeds, otherwise it asks for authentication again.

      <?vsp 
	  declare auth any;
	  declare cs varchar;
	  auth := app_auth_vec (lines);
	  if (not isarray (auth))
	    app_get_auth ();
	  cs := vsp_calculate_digest ('u1', 'secret', auth);
	  if (cs is not null and cs = get_keyword ('response',auth))
	     http ('OK');
	  else
	    app_get_auth ();
      ?>

      -- making the HTTP Digest authentication header 
      create procedure app_get_auth ()
       {
         http_request_status ('HTTP/1.1 401 Unauthorized');
	 http_header (sprintf ('WWW-Authenticate: Digest realm="%s", domain="%s", nonce="%s", opaque="%s", stale="%s", qop="auth", algorithm="MD5"\r\n', 'my_realm', http_path(), md5 (datestring (now ())), md5 ('some string for hash'), 'false'));
       }; 

      -- returns an array suitable for vsp_calculate_digest  
      create procedure app_auth_vec (in lines any)
       {
	  declare ahdr, arr, authvec any;
	  ahdr := http_request_header (lines, 'Authorization');
	  if (isstring (ahdr) and ahdr like 'Digest%')
	    {
	      ahdr := subseq (ahdr, 6, length (ahdr));
	      arr := split_and_decode (ahdr, 0, '\0\0,=');
	      authvec := vector ('authtype', 'Digest', 'method', http_request_get ('REQUEST_METHOD'));
	      foreach (varchar elm in arr) do
		{
		  declare elm1 varchar;
		  elm1 := trim (elm, '" ');
		  authvec := vector_concat (authvec, vector (elm1));
		}
    	     }
	   return authvec;	
       }      
	  
See Also

vhost_define