posted 18 years ago
hello all..
i m making a server client authentication model for this i m using MessageDigest class and its MD5 method.
By the help of this i am generating a random field called "key". And this key sends to the client, with username called "vinay", and ServerName��..
Sent field:-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
WWW-Authenticate:: ServerName="WORKGROUP", key="0c977ebb93725e437e7d75f8adc1dc", UserName="vinay", algorithm="MD5";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
And client should reply with same key (same value), ServerName and a predefined password (that server provide),that password is encrypted in response field by using MD5 algorithm.
received field:-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Authorization:: response="6486aafa17e2ebe3546d84a4e83c767e", UserName="vinay", ServerName="WORKGROUP", key="0c977ebb93725e437e7d75f8adc1dc", algorithm="MD5"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
So in the received Header we have a new RESPONSE field which encrypted with password.
So problem is that ::-
How I can get PASSWORD from response field for authentication. means how can i decrypt that Response field.