Zend\Authentication\Adapter\Http
provides a mostly-compliant implementation of RFC-2617
, Basic and Digest HTTP Authentication. Digest authentication is a method of HTTP authentication that improves upon Basic authentication by providing a way to authenticate without having to transmit the password in clear text across the network.
Major Features :
* Supports both Basic and Digest authentication.
* Issues challenges in all supported schemes, so client can respond with any scheme it supports.
* Supports proxy authentication.
* Includes support for authenticating against text files and provides an interface for authenticating against other sources, such as databases.
There are a few notable features of RFC-2617 that are not implemented yet :
* Nonce tracking, which would allow for “stale
” support, and increased replay attack protection.
* Authentication with integrity checking, or “auth-int
”.
* Authentication-Info HTTP header.