[geeklog-devel] Atom publishing
dracul01 at gmail.com
Thu May 29 13:46:32 EDT 2008
In order for the ATOM enabled site to work properly with what you need, you
need to have your password properly setup and passed to the site as
a "digest" ie.
1. create a "nonce"
2. get the timestamp the nonce was created on in W3DTF format:
3. create your password digest:
$PasswordDigest = Base64(SHA1("nonce goes here" + "Timestamp" + "password"))
Then you would send the PasswordDigest like this:
POST /atom.php HTTP/1.1
Authorization: WSSE profile="UsernameToken" <--- must always be UsernameToken
X-WSSE: UsernameToken Username="$User", PasswordDigest="$PasswordDigest",
<?xml version="1.0" encoding="utf-8"?>
<content type="application/xhtml+xml" xml:lang="en">
This looks confusing, but in all actuality it's pretty simple.
And really shouldn't be too hard to implement in PHP4.
Hope this info helps.
On Thursday 29 May 2008 12:46:25 pm Tony Bibbs wrote:
> 2) Flickr uses WSSE authentication. Which we can't support since it
> requires us to know the user's _unencrypted_ password.
> Thought about a password field in the DB separate from the current one used
> only for web services? I'm thinking of one that could be still encrypted
> with, say PEAR's Crypt_Blowfish library but only usable to make WS calls?
> Not sure how many ATOM clients use WSSE so maybe it's not worth the effort.
> geeklog-devel mailing list
> geeklog-devel at lists.geeklog.net
"Think for yourself and question authority." - Timothy Leary
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 194 bytes
Desc: This is a digitally signed message part.
More information about the geeklog-devel