4-Jun-13 (Created: 4-Jun-13) | More in 'Aspire Knowledge Center (akc)'

Research on http digest and persistent logins inorder to extend akc logins

You will find here research on http digest and persistent logins inorder to extend akc logins. See here how this theory is then used to implement. Implementation Details. See the most important references on this subject at the bottom of this page.

Acknowledgements and Key References

1) A quick read on what digest authentication is. This introuductory document is useful as a quick reference for how the various parts of http digest is calculated. Introduces such things as nonce, cnonce etc and lays out the formulas in a concise manner.

2) Http Digest RFC 2617. Http Digest RFC 2617 this is actually readable. Probably a must read before you complete your implementation. Talks about various attacks and how each piece of the http digest tries to address. It is a bit tough to read through but an essential and once you get it, it is a great read!

3) The definitive guide to web site authentication schemes at Stack Over Flow

4) A discussion at SOF on variious auth schemes

5) Munir Usamas sample code for Http Digest for J2EE. This was an invaluable resource for me. I have borrowed most of my code from here. Many many thanks to Munir Usama.

6) Apace Commons Codec: Required for generating MD5 digests. Munir's code uses this library if you intend to borrow his code like I did.

7) J2EE documentation on working with Cookies

8) http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice/ . Persistent Login Cookie Best Practice by Charles Miller. This appears to be the most referenced document on the the subject of persistent logins

9) Here is a related dicussion at Stack Over Flow on Persistent Logins