Using the web:response-header() function from the BaseX Web Module seems to work for overriding default headers (http://docs.basex.org/wiki/Web_Module#web:response-header). I do wonder why the behavior differs between this function and directly using a rest:response element. Shouldn't these two be equivalent?

Thanks,

Tim

--
Tim A. Thompson
Discovery Metadata Librarian
Yale University Library

On Thu, Aug 17, 2017 at 11:50 AM, Tim Thompson <timathom@gmail.com> wrote:

Hello,

Is it possible to overwrite default HTTP headers in RESTXQ? I am running BaseX in Tomcat 7 and have set the authmethod param set to "Custom." I wanted to define my own WWW-Authenticate header for Digest authentication. I tried something like this:

<http:header
        name="WWW-Authenticate"
        value="{
          ``[Digest realm="BaseX",
                    qop="auth, auth-int",
                    algorithm=MD5,
                    nonce=`{hash:md5(random:uuid())}`]``
        }"/>

(in a custom response, as specified in http://docs.basex.org/wiki/RESTXQ#Custom_Response).

However, the WWW-Authenticate header only returns a value of Custom realm="BaseX" no matter what I do in the custom RESTXQ response.

Thanks in advance,
Tim

--
Tim A. Thompson
Discovery Metadata Librarian
Yale University Library