Digest authentication in Katalon Studio
Requirements
Katalon Studio version 9.7.0 onwards.
What is Digest authentication?
Digest authentication is an HTTP-based authentication protocol that enhances security by using MD5 cryptographic hashing and a server-supplied nonce value to prevent replay attacks. Unlike Basic authentication, it transmits a hash derived from the username and password rather than the credentials themselves, so they are not sent in plaintext over the network. While it protects the authentication credentials, the body of the HTTP message remains unencrypted unless Secure Sockets Layer (SSL) is used.
Supported fields in Katalon Studio
| Name | Description |
|---|---|
| Username | The username of the account used to authenticate. |
| Password | The password of the account used to authenticate. |
| Realm | A string specified by the server in the WWW-Authenticate response header. It should include the name of the host performing the authentication and may also indicate the group of users who might have access. |
| Nonce | A unique string specified by the server in the WWW-Authenticate response header to prevent replay attacks. |
| Algorithm | A string that indicates the pair of algorithms used to produce the digest and the checksum. Value list: |
| qop | The "quality of protection" applied to the message. The server specifies this value in the WWW-Authenticate response header. Value list: |
| Nonce Count | The hexadecimal count of the number of requests (including the current request) that the client has sent with this nonce value. This must be specified if a qop directive is sent, and must not be specified if the server did not send a qop directive in the |
| Client Nonce | An opaque quoted string provided by the client and used by both the client and server to prevent chosen-plaintext attacks, ensure mutual authentication, and maintain message integrity. This must be specified if a qop directive is sent, and must not be specified if the server did not send a qop directive in the |
| Opaque | A string of data specified by the server in the WWW-Authenticate response header, intended to be used unchanged across URIs within the same protection space. It is recommended that this string be base64 or hexadecimal data. |
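The following is an added example, not Katalon Studio code, showing how the fields in the table above combine into the Digest `Authorization` header described earlier, and how a server checks it. It computes the RFC 2617 response value (HA1, HA2, response) for the MD5 and MD5-sess algorithms and the `auth` / `auth-int` qop values, and includes a minimal server-side verifier that stores only HA1 (never the password) and uses the Nonce Count to reject a replayed request. The `demo()` values are the worked example from RFC 2617 section 3.5; the `DigestVerifier` class and its nonce bookkeeping are assumptions of this example, not part of the protocol specification or of Katalon.

```python
"""HTTP Digest authentication (RFC 2617) worked example: client-side header
construction and a toy server-side check with nonce-count replay detection.
Added example, not Katalon Studio code."""
import hashlib
import hmac
import re


def _md5(text: str) -> str:
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def make_ha1(username: str, realm: str, password: str) -> str:
    """HA1 = MD5(username:realm:password). A server can store HA1 instead of the password."""
    return _md5(f"{username}:{realm}:{password}")


def compute_response(ha1, nonce, method, uri, algorithm="MD5",
                     qop=None, nc=None, cnonce=None, body=b""):
    """Return the 'response' directive value for the given Digest fields."""
    if algorithm.upper() == "MD5-SESS":
        # Session variant: HA1 is re-hashed with the server nonce and client nonce.
        ha1 = _md5(f"{ha1}:{nonce}:{cnonce}")
    if qop == "auth-int":
        # auth-int also covers the request body, so a modified body fails verification.
        ha2 = _md5(f"{method}:{uri}:{hashlib.md5(body).hexdigest()}")
    else:
        ha2 = _md5(f"{method}:{uri}")
    if qop:
        if not nc or not cnonce:
            raise ValueError("Nonce Count and Client Nonce are required when qop is used")
        return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")
    # Legacy (RFC 2069) form without qop, nc or cnonce.
    return _md5(f"{ha1}:{nonce}:{ha2}")


def authorization_header(username, password, realm, nonce, method, uri,
                         algorithm="MD5", qop="auth", nc="00000001",
                         cnonce=None, opaque=None, body=b"") -> str:
    """Build the client's 'Authorization: Digest ...' header value."""
    ha1 = make_ha1(username, realm, password)
    response = compute_response(ha1, nonce, method, uri, algorithm, qop, nc, cnonce, body)
    parts = [f'username="{username}"', f'realm="{realm}"', f'nonce="{nonce}"',
             f'uri="{uri}"', f'algorithm={algorithm}', f'response="{response}"']
    if qop:
        parts += [f'qop={qop}', f'nc={nc}', f'cnonce="{cnonce}"']
    if opaque:
        parts.append(f'opaque="{opaque}"')  # echoed back unchanged, as the server sent it
    return "Digest " + ", ".join(parts)


_DIRECTIVE = re.compile(r'(\w+)=(?:"([^"]*)"|([^\s,]+))')


def parse_authorization(header: str) -> dict:
    """Parse 'Digest k=v, k="v", ...' into a dict of directives."""
    if not header.startswith("Digest "):
        raise ValueError("not a Digest Authorization header")
    return {k: (q if q else u) for k, q, u in _DIRECTIVE.findall(header[len("Digest "):])}


class DigestVerifier:
    """Toy server side (assumption of this example): stores HA1 per user and the
    highest Nonce Count accepted per nonce, so a replayed request is rejected."""

    def __init__(self, realm: str, users: dict):
        self.realm = realm
        self.ha1 = {u: make_ha1(u, realm, p) for u, p in users.items()}
        self.issued = set()       # nonces this server has handed out
        self.highest_nc = {}      # nonce -> highest nc accepted so far

    def issue_nonce(self, nonce: str) -> None:
        self.issued.add(nonce)

    def verify(self, header: str, method: str, body: bytes = b"") -> bool:
        p = parse_authorization(header)
        ha1 = self.ha1.get(p.get("username"))
        if ha1 is None or p.get("realm") != self.realm or p.get("nonce") not in self.issued:
            return False
        qop, nc, count = p.get("qop"), p.get("nc"), 0
        if qop:
            try:
                count = int(nc, 16)
            except (TypeError, ValueError):
                return False
            if count <= self.highest_nc.get(p["nonce"], 0):
                return False  # same or lower nc for this nonce: replay
        try:
            expected = compute_response(ha1, p["nonce"], method, p.get("uri", ""),
                                        p.get("algorithm", "MD5"), qop, nc, p.get("cnonce"), body)
        except ValueError:
            return False
        if not hmac.compare_digest(expected, p.get("response", "")):
            return False
        if qop:
            self.highest_nc[p["nonce"]] = count
        return True


def demo() -> dict:
    """Runs the RFC 2617 section 3.5 example values through client and verifier."""
    realm, nonce = "testrealm@host.com", "dcd98b7102dd2f0e8b11d0f600bfb0c093"
    server = DigestVerifier(realm, {"Mufasa": "Circle Of Life"})
    server.issue_nonce(nonce)
    hdr = authorization_header("Mufasa", "Circle Of Life", realm, nonce, "GET",
                               "/dir/index.html", cnonce="0a4f113b",
                               opaque="5ccc069c403ebaf9f0171e9517f40e41")
    first = server.verify(hdr, "GET")
    replay = server.verify(hdr, "GET")  # identical header again: nc not increased
    return {"header": hdr, "first": first, "replay": replay,
            "response": parse_authorization(hdr)["response"]}


if __name__ == "__main__":
    print(demo())
```

With the RFC 2617 values the computed `response` is `6629fae49393a05397450978507c4ef1`, the first request verifies and the identical second request is refused because its Nonce Count did not increase. Note what the scheme does and does not protect: the verifier needs only HA1, and `auth-int` ties the digest to the request body, but with plain `auth` the body is neither integrity-protected nor encrypted, which is why the page recommends SSL for the transport.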