[Catalyst-commits] r13842 - in Catalyst-Authentication-Credential-HTTP/1.000/trunk: . lib/Catalyst/Authentication/Credential

rjk at dev.catalyst.perl.org rjk at dev.catalyst.perl.org
Tue Dec 14 19:55:03 GMT 2010 

Author: rjk
Date: 2010-12-14 19:55:03 +0000 (Tue, 14 Dec 2010)
New Revision: 13842

Modified:
   Catalyst-Authentication-Credential-HTTP/1.000/trunk/Changes
   Catalyst-Authentication-Credential-HTTP/1.000/trunk/lib/Catalyst/Authentication/Credential/HTTP.pm
Log:
Improve documentation for authenticate_digest()

depends on Catalyst::Plugin::Cache, not Catalyst::Plugin::Session
reorganize and clarify


Modified: Catalyst-Authentication-Credential-HTTP/1.000/trunk/Changes
===================================================================
--- Catalyst-Authentication-Credential-HTTP/1.000/trunk/Changes	2010-12-14 19:20:53 UTC (rev 13841)
+++ Catalyst-Authentication-Credential-HTTP/1.000/trunk/Changes	2010-12-14 19:55:03 UTC (rev 13842)
@@ -3,6 +3,9 @@
    - Make Test::Exception and Test::MockObject be listed as test_requires
      rather than requires (RT#54029)
    - Skip WWW::Mech tests unless WWW::Mech is a new enough version (RT#55303).
+   - Improve documentation for authenticate_digest() (rjk)
+     - depends on Catalyst::Plugin::Cache, not Catalyst::Plugin::Session
+     - reorganize and clarify
 
 1.012 2010-03-07
    - Move actions out of the test applications to stop warnings.

Modified: Catalyst-Authentication-Credential-HTTP/1.000/trunk/lib/Catalyst/Authentication/Credential/HTTP.pm
===================================================================
--- Catalyst-Authentication-Credential-HTTP/1.000/trunk/lib/Catalyst/Authentication/Credential/HTTP.pm	2010-12-14 19:20:53 UTC (rev 13841)
+++ Catalyst-Authentication-Credential-HTTP/1.000/trunk/lib/Catalyst/Authentication/Credential/HTTP.pm	2010-12-14 19:55:03 UTC (rev 13842)
@@ -528,13 +528,18 @@
 
 =item authenticate_digest $c, $realm, \%auth_info
 
-Performs HTTP digest authentication. Note that the password_type B<must> by I<clear> for
-digest authentication to succeed, and you must have L<Catalyst::Plugin::Session> in
-your application as digest authentication needs to store persistent data.
+Performs HTTP digest authentication.
 
-Note - if you do not want to store your user passwords as clear text, then it is possible
-to store instead the MD5 digest in hex of the string '$username:$realm:$password' 
+The password_type B<must> be I<clear> for digest authentication to
+succeed.  If you do not want to store your user passwords as clear
+text, you may instead store the MD5 digest in hex of the string
+'$username:$realm:$password'.
 
+L<Catalyst::Plugin::Cache> is used for persistent storage of the nonce
+values (see L</Nonce>).  It must be loaded in your application, unless
+you override the C<store_digest_authorization_nonce> and
+C<get_digest_authorization_nonce> methods as shown below.
+
 Takes an additional parameter of I<algorithm>, the possible values of which are 'MD5' (the default)
 and 'MD5-sess'. For more information about 'MD5-sess', see section 3.2.2.2 in RFC 2617.

More information about the Catalyst-commits mailing list