encode_password


Description:

public static string encode_password (string username, string realm, string password)

Encodes the username/realm/password triplet for Digest authentication.

That is, it returns a stringified MD5 hash of username, realm, and password concatenated together. This is the form that is needed as the return value of AuthDomainDigest's auth handler.

For security reasons, you should store the encoded hash, rather than storing the cleartext password itself and calling this method only when you need to verify it. This way, if your server is compromised, the attackers will not gain access to cleartext passwords which might also be usable at other sites. (Note also that the encoded password returned by this method is identical to the encoded password stored in an Apache .htdigest file.)

Parameters:

username

a username

realm

an auth realm name

password

the password for username in realm

Returns:

the encoded password