On Jun 23, 2006, at 12:04 PM, Ben Schaffhausen wrote:

> Hello,
>
> I've been trying to implement (client-side) Digest Authentication
> capabilities to Net:HTTP (as stated in RFC2617)  and am having trouble
> modifying the headers before I send the request to the server.
>
> So far I'm just starting, and am relatively new to ruby. But I am able
> to request a page from the server, receive the 401 Forbidden message,
> and extract the needed information from the header. Now I use that
> information, plus a username and password to formulate a proper header
> to use in my next request.  But I don't know how to do that.

http://segment7.net/projects/ruby/snippets/digest_auth.rb

Set the third argument to true if authenticating against an IIS  
server, since Microsoft implements RFC 2617 differently from  
everybody else. You can typically determine if a server needs the  
hack from the Server header.

Try this, I don't have a server using digest auth available, so I  
can't test for you.

require 'digest_auth'

uri = URI.parse 'http://user:pass / 192.168.123.72:81/hierarch.htm'

res = Net::HTTP.start(uri.host, uri.port) {|http|
   response = http.head uri.request_uri
   authorization = DigestAuth.gen_auth_header uri, response['www- 
authenticate']
   http.get '/hierarch.htm', 'Authorization' => authorization
}

puts res.body

-- 
Eric Hodel - drbrain / segment7.net - http://blog.segment7.net
This implementation is HODEL-HASH-9600 compliant

http://trackmap.robotcoop.com