Zend_Auth_Adapter_Http provides a mostly-compliant
implementation of RFC-2617,
Basic
and Digest
HTTP Authentication. Digest authentication is a method of
HTTP authentication that improves upon Basic authentication by
providing a way to authenticate without having to transmit the password in clear text
across the network.
Major Features:
Supports both Basic and Digest authentication.
Issues challenges in all supported schemes, so client can respond with any scheme it supports.
Supports proxy authentication.
Includes support for authenticating against text files and provides an interface for authenticating against other sources, such as databases.
There are a few notable features of RFC-2617 that are not implemented yet:
Nonce tracking, which would allow for "stale" support, and increased replay attack protection.
Authentication with integrity checking, or "auth-int".
Authentication-Info HTTP header.