Authentication with OpenRasta

Question

I'm trying to use OpenRasta for a simple RESTful service. This service needs to be secured with either http Basic authentication or (preferably) Digest.

Looking around the net, there are tens of webpages writing how wonderful OpenRasta is and that it even supports Digest authentication but I haven't been able to find a single example of how to enable either of those for my service.

Putting a RequiresAuthentication on my method or handler doesn't seem to be doing anything.

Has anyone actually done this ever before? Or is it just a dreamware?

UPDATE: I gave up on getting to work and went with Scott Littlewoods fork of OpenRasta. He has changed the way authentication works and using his implementation, I managed to do both Basic and Digest.

Answer 1

I've put together a small blog post and sample application to show how to enable Digest Authentication using the current RTM of OpenRasta.

http://scottondotnet.blogspot.com/2010/10/openrasta-digest-authentication.html

The source code can be found here: http://github.com/scottlittlewood/OpenRastaDigestDemo

Answer 2

Look at the classes in OpenRasta.Security. THere's an IAuthenticationProvider you need to implement and register in the container for digest to kick in.

Check the debug log if after doing this it still doesn't work, and send a copy of it on the mailing lists, people there will be able to help you.

Answer 3

I think the issue is with the use of Cassini (built in to VS.NET) to debug. Cassini doesn't support authentication like IIS does. When I switched to using IIS it began to prompt me for authentication.