Python code to do the *server* side of digest authentication?

[Larry Bates]

Dan Lenski wrote:
> Hi all,
> I've got a very simple HTML proxy server to access the web from my
> cell phone (based on this code: http://www.okisoft.co.jp/esc/python/proxy/).
> It's a very retarded phone that freezes if there's no Content-Length
> header and some other circumstances, so I have to tweak and modify the
> headers received slightly.  But it works quite well with these hacks.
> 
> Now I'd like to add proxy authentication so that I'm not running this
> open proxy all the time.  I would like to use Digest authentication
> (http://en.wikipedia.org/wiki/Digest_access_authentication) rather
> than Basic authentication so as not to expose any plaintext password.
> 
> It appears that there are plenty of Python libraries to do the
> *client* side of the authentication (e.g. urllib2) but I have not
> found much code that does the *server* side of the authentication.
> That is, I am looking for code to generate the WWW-Authentication
> header (including appropriate nonce and opaque string) and to verify
> the Authorization header sent by the client when it retries.
> 
> It does not look *too* hard to implement, but it does involve crypto
> and I'd just as soon use some tried-and-true code rather than roll my
> own in this case.  Does anyone have any suggestions of where to find
> such code?
> 
> Thanks!
> 
> Dan
> 
I think that is because normally the web server does the authentication on the
server side.  Why not use Apache to do the digest authentication?

http://httpd.apache.org/docs/2.0/mod/mod_auth_digest.html

-Larry