It would be great if provide a function for authenticating username like ***pv_www_authenticate(realm, passwd, flags [, method])***
Purpose: The purpose behind this is i want to modify username and then authenticate according to credentials saved in DB.
In my opinion this does not make sense.
The username value is taken from the `username` field of `(Proxy-)Authorization` header and that is the value the UAC used to build the Digest response. If you use a different value, practically the authentication fails. The Digest response has the username hashed inside, the HA1 being `MD5(username:realm:password)`. To have a successful authentication, the same username must be used by server side as well.
If you just need to load the password by matching a different username, then sqlops can be used to do any kind of query. Anyhow pv_www_authenticate() doesn't do any database query.
In case you want to achieve something else, I would suggest to discuss first on sr-users mailing list to properly understand the needs. Again, this one with a custom username contradicts the authentication algorithm specs. I am closing this one for now, it can be reopened if there is a different conclusion after discussions on sr-users mailing list.
Closed #1817.
-
Daniel-Constantin Mierla -
Prabhat Kumar