public function beforeAuthentication() { if (!parent::beforeAuthentication()) { return false; } //parse digest if (!isset($_SERVER['PHP_AUTH_DIGEST'])) { return false; } try { $this->receivedDigest = new AHttpDigest($_SERVER['PHP_AUTH_DIGEST']); } catch (Exception $e) { throw new CHttpException(400, $e->getMessage()); } //check if digest succesfully parsed and available for further processing if (!$this->receivedDigest || !$this->receivedDigest->response) { return false; } //get nonce from digest $this->nonce = $this->getReceivedNonce(); if (!$this->nonce) { return false; } //check nonce if ($this->nonce->isExpired()) { //tell client his authentantion data is stale //so he can automatically reauthenticate, without asking the user //for new credentials $this->sendDigestResponseHeaders(true); Yii::app()->end(); //halt execution } //Load an identity with only the username. //The user password is not sent unencrypted over the wire in //HTTP Digest Authentication, so it's not available for us to use here). $this->identity = $this->loadIdentity($this->receivedDigest->username); //Link challenge response callback to identity instance for digest authentication //NOTE: this property will be available because loadIdentity() applies AIdentityBehaviorDigest to the identity instance. $this->identity->challengeResponseCallback = array($this, 'testChallengeResponse'); return true; }