/**
   * Initialize -- load password files etc. Password file format is name:authentication
   * domain:password
   *
   * @param pwFileName is the password file name.
   * @param Exception is thrown when the password file is bad.
   */
  public void initialize(String pwFileName) {
    try {
      XMLAuthenticationParser parser = new XMLAuthenticationParser(pwFileName);

      String def = parser.getRealm();
      if (def != null) DEFAULT_REALM = def;
      ProxyDebug.println(
          "DEBUG, DigestAuthenticationMethod, initialize()," + " the realm is:" + DEFAULT_REALM);
      Vector usersTagList = parser.getUsersTagList();
      if (usersTagList != null)
        for (int i = 0; i < usersTagList.size(); i++) {
          UserTag userTag = (UserTag) usersTagList.elementAt(i);
          String userName = userTag.getUserName();
          // String userRealm=userTag.getUserRealm();
          String userPassword = userTag.getUserPassword();
          if (userName != null) {

            if (userPassword == null) {
              ProxyDebug.println(
                  "DEBUG, DigestAuthenticationMethod, initialize(),"
                      + " the userPassword parameter does not exist for user: "******", we use the default: \""
                      + NULL_PASSWORD
                      + "\"");
              userPassword = NULL_PASSWORD;
            }
            passwordTable.put(userName + "@" + DEFAULT_REALM, userPassword);
          } else {
            ProxyDebug.println(
                "DEBUG, DigestAuthenticationMethod, initialize(),"
                    + " the userName parameter does not exist, we skip this entry!!");
          }
        }
      else
        ProxyDebug.println(
            "DEBUG, DigestAuthenticationMethod, initialize(),"
                + "Error during parsing the passwords file!");

    } catch (Exception e) {
      ProxyDebug.println("ERROR, DigestAuthenticationMethod, initialize()," + "exception raised:");
      e.printStackTrace();
    }
  }
  /**
   * Check the response and answer true if authentication succeeds. We are making simplifying
   * assumptions here and assuming that the password is available to us for computation of the MD5
   * hash. We also dont cache authentications so that the user has to authenticate on each
   * registration.
   *
   * @param user is the username
   * @param authHeader is the Authroization header from the SIP request.
   * @param requestLine is the SIP Request line from the SIP request.
   * @exception SIPAuthenticationException is thrown when authentication fails or message is bad
   */
  public boolean doAuthenticate(String user, AuthorizationHeader authHeader, Request request) {
    String realm = authHeader.getRealm();
    String username = authHeader.getUsername();
    URI requestURI = request.getRequestURI();

    if (username == null) {
      ProxyDebug.println(
          "DEBUG, DigestAuthenticateMethod, doAuthenticate(): "
              + "WARNING: userName parameter not set in the header received!!!");
      username = user;
    }
    if (realm == null) {
      ProxyDebug.println(
          "DEBUG, DigestAuthenticateMethod, doAuthenticate(): "
              + "WARNING: realm parameter not set in the header received!!! WE use the default one");
      realm = DEFAULT_REALM;
    }

    ProxyDebug.println(
        "DEBUG, DigestAuthenticateMethod, doAuthenticate(): "
            + "Trying to authenticate user: "******" for "
            + " the realm: "
            + realm);

    String password = (String) passwordTable.get(username + "@" + realm);
    if (password == null) {
      ProxyDebug.println(
          "DEBUG, DigestAuthenticateMethod, doAuthenticate(): "
              + "ERROR: password not found for the user: "******"@"
              + realm);
      return false;
    }

    String nonce = authHeader.getNonce();
    // If there is a URI parameter in the Authorization header,
    // then use it.
    URI uri = authHeader.getURI();
    // There must be a URI parameter in the authorization header.
    if (uri == null) {
      ProxyDebug.println(
          "DEBUG, DigestAuthenticateMethod, doAuthenticate(): "
              + "ERROR: uri paramater not set in the header received!");
      return false;
    }

    ProxyDebug.println(
        "DEBUG, DigestAuthenticationMethod, doAuthenticate(), username:"******"!");
    ProxyDebug.println("DEBUG, DigestAuthenticationMethod, doAuthenticate(), realm:" + realm + "!");
    ProxyDebug.println(
        "DEBUG, DigestAuthenticationMethod, doAuthenticate(), password:"******"!");
    ProxyDebug.println("DEBUG, DigestAuthenticationMethod, doAuthenticate(), uri:" + uri + "!");
    ProxyDebug.println("DEBUG, DigestAuthenticationMethod, doAuthenticate(), nonce:" + nonce + "!");
    ProxyDebug.println(
        "DEBUG, DigestAuthenticationMethod, doAuthenticate(), method:" + request.getMethod() + "!");

    String A1 = username + ":" + realm + ":" + password;
    String A2 = request.getMethod().toUpperCase() + ":" + uri.toString();
    byte mdbytes[] = messageDigest.digest(A1.getBytes());
    String HA1 = ProxyUtilities.toHexString(mdbytes);

    ProxyDebug.println("DEBUG, DigestAuthenticationMethod, doAuthenticate(), HA1:" + HA1 + "!");
    mdbytes = messageDigest.digest(A2.getBytes());
    String HA2 = ProxyUtilities.toHexString(mdbytes);
    ProxyDebug.println("DEBUG, DigestAuthenticationMethod, doAuthenticate(), HA2:" + HA2 + "!");
    String cnonce = authHeader.getCNonce();
    String KD = HA1 + ":" + nonce;
    if (cnonce != null) {
      KD += ":" + cnonce;
    }
    KD += ":" + HA2;
    mdbytes = messageDigest.digest(KD.getBytes());
    String mdString = ProxyUtilities.toHexString(mdbytes);
    String response = authHeader.getResponse();
    ProxyDebug.println(
        "DEBUG, DigestAuthenticateMethod, doAuthenticate(): "
            + "we have to compare his response: "
            + response
            + " with our computed"
            + " response: "
            + mdString);

    int res = (mdString.compareTo(response));
    if (res == 0) {
      ProxyDebug.println(
          "DEBUG, DigestAuthenticateMethod, doAuthenticate(): " + "User authenticated...");
    } else {
      ProxyDebug.println(
          "DEBUG, DigestAuthenticateMethod, doAuthenticate(): " + "User not authenticated...");
    }

    return res == 0;
  }