Hello Community,
I have a question regarding HTTP communication using the digest authentication in protocols.
From what I read on the docs the approach should be using the "loginMethod="credentials" attribute with provided "userName" and "password" attributes. This is how my session is currently built (dummy data example):
<Session id="1" loginMethod="credentials" userName="10" password="11" name="GetData">
<Connection id="1" name="Data">
<Request verb="GET" url="dummy/url">
</Request>
<Response statusCode="20">
<Content pid="21"></Content>
</Response>
</Connection>
</Session>
But I am getting back from the device 401 Unauthorized response, form the documentation available I couldn't find any other information if something in the headers needs to be included to get it working. Did anyone had any experience implementing this authentication previously?
The device is using "SHA-256" algorithm, and in postman data is being returned as it should be by setting the authentication method to digest, setting the username, password and the algorithm.
Thank you in advance.
The session that you configured should be sufficient to get Digest authentication working in a DataMiner connector.
However, WinHTTP (the engine that DataMiner HTTP connectors are using behind the screen) only has support for Digest authentication using the MD5 algorithm which is how it was described in the original standard.
SHA-256 and SHA-512 have been added later to the standard but WinHTTP has never been updated to support this newer standard.
If it is impossible to use MD5 as the algorithm for compliance or security reasons, I advise you to execute the HTTP requests in a QAction through .NET's HttpClient.
Hi Jeroen, this is the information I was looking for, thank you.