How does HTTP Digest authentication work


  1. The client makes a request.

  2. The server answers with a 401 authentication request that carries a nonce.

  3. The client sends back the following response array: (username, realm, generate_md5_key(nonce, username, realm, URI, password_given_by_user_to_browser)) (yea, that's very simplified).

  4. The server takes the username and realm (it also knows the URI the client is requesting) and looks up the password for that username. It then computes its own version: generate_md5_key(nonce, username, realm, URI, password_I_have_for_this_user_in_my_db).

  5. It compares its own generate_md5_key() output with the one the client sent. If they match, the client sent the correct password. If they don't match, the password sent was wrong.
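The five steps above as a runnable sketch. This is an added example, not code from the original post: it fills in generate_md5_key with the RFC 2617 formula without the optional qop/cnonce/nc fields (which also mixes in the HTTP method), so the password itself never crosses the wire. The names `DigestServer` and `client_answer`, the single-use nonce policy and the sample credentials are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def generate_md5_key(nonce, username, realm, method, uri, password):
    ha1 = md5_hex(f"{username}:{realm}:{password}")  # secret half
    ha2 = md5_hex(f"{method}:{uri}")                 # request half
    return md5_hex(f"{ha1}:{nonce}:{ha2}")

class DigestServer:
    def __init__(self, realm, users):
        self.realm, self.users = realm, users  # users: username -> password
        self.issued = set()                    # nonces handed out, not yet used

    def challenge(self):
        # Step 2: the data sent along with the 401 response.
        nonce = secrets.token_hex(16)
        self.issued.add(nonce)
        return {"realm": self.realm, "nonce": nonce}

    def verify(self, method, uri, auth):
        # Steps 4-5. Assumption: each nonce is accepted once, so a captured
        # response cannot be replayed.
        if auth["nonce"] not in self.issued:
            return False
        self.issued.discard(auth["nonce"])
        password = self.users.get(auth["username"])
        if password is None:
            return False
        expected = generate_md5_key(auth["nonce"], auth["username"],
                                    self.realm, method, uri, password)
        # Constant-time comparison avoids leaking how many characters matched.
        return hmac.compare_digest(expected, auth["response"])

def client_answer(challenge, username, password, method, uri):
    # Step 3: only the hash leaves the client, never the password.
    response = generate_md5_key(challenge["nonce"], username,
                                challenge["realm"], method, uri, password)
    return {"username": username, "realm": challenge["realm"],
            "nonce": challenge["nonce"], "uri": uri, "response": response}

if __name__ == "__main__":
    server = DigestServer("demo", {"alice": "s3cret"})  # constructed sample data
    auth = client_answer(server.challenge(), "alice", "s3cret", "GET", "/index.html")
    print("first attempt:", server.verify("GET", "/index.html", auth))
    print("replayed response:", server.verify("GET", "/index.html", auth))
```

Because the server recomputes the hash from the URI it was actually asked for, a response captured for one URI does not verify for another.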
