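/**
 * Rotates the server-side digest nonce state after a request has been authenticated.
 *
 * <p>Reads {@code nonce} and {@code opaque} from the request's {@code Authorization} header.
 * When {@code maintainState} is set, the state entry stored under {@code nonce:opaque} is
 * removed, updated with the authenticated principal, a freshly generated nonce, the current
 * time and an incremented nonce count, and stored again under {@code nextNonce:opaque}.
 * The new nonce is sent to the client in an {@code Authentication-Info} response header.
 *
 * <p>The {@code Authorization} header is client-controlled. A header too short to contain
 * the scheme prefix is rejected up front, so a malformed request cannot raise
 * {@link StringIndexOutOfBoundsException} from {@code substring}.
 *
 * @param req the request whose {@code Authorization} header is inspected
 * @param resp the response that receives the {@code Authentication-Info} header
 * @return {@code false} on every path visible in this method; what the caller does with
 *     the value is not shown here
 */
public boolean postAuthentication(HttpServletRequest req, HttpServletResponse resp) {
    String authHeader = req.getHeader("Authorization");
    if (authHeader == null) {
        return false;
    }

    // Offset of the first parameter after the "Digest " scheme token (7 characters).
    final int schemePrefixLength = "Digest ".length();
    if (authHeader.length() < schemePrefixLength) {
        // Malformed or truncated header: bail out the same way as a missing header.
        return false;
    }
    // NOTE(review): the scheme token itself is not compared against "Digest" here; the
    // first seven characters are skipped whatever they are. Confirm that an earlier step
    // has already verified the scheme.
    String headerFields = authHeader.substring(schemePrefixLength);

    String nonce = HttpUtil.extractHeaderField(headerFields, "nonce");
    String opaque = HttpUtil.extractHeaderField(headerFields, "opaque");
    if (nonce == null || opaque == null) {
        return false;
    }

    Principal principal = SecurityContext.getSecurityContext().getPrincipal();
    if (principal == null) {
        // No authenticated principal in the security context: leave the nonce state untouched.
        return false;
    }

    if (this.maintainState) {
        // Both key parts come from the client. Removing the entry means the presented
        // nonce/opaque pair no longer resolves to any state after this call.
        StateEntry entry = (StateEntry) this.stateMap.remove(nonce + ":" + opaque);
        if (entry == null) {
            return false;
        }

        Date timestamp = new Date();
        String nextNonce = this.generateNonce();

        entry.setUsername(principal.getQualifiedName());
        entry.setNonce(nextNonce);
        entry.setTimestamp(timestamp);
        entry.setNonceCount(entry.getNonceCount() + 1);
        entry.setStale(false);

        // Store the entry again under the new nonce; the opaque value is carried over.
        this.stateMap.put(nextNonce + ":" + opaque, entry);

        // NOTE(review): RFC 2617 defines the nextnonce value as a quoted-string. The value
        // is emitted as generateNonce() returns it; confirm whether it already has quotes.
        resp.addHeader("Authentication-Info", "nextnonce=" + nextNonce);
    }

    return false;
}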