From 247b9742e4d4c97f77c3f9b80cede32685b38937 Mon Sep 17 00:00:00 2001
From: Donald Parish <donald.parish@buckle.com>
Date: Mon, 2 Feb 2009 15:11:58 -0600
Subject: [PATCH] Fixed http digest authentication to use credentials URI passed from client

---
 .../lib/action_controller/http_authentication.rb   |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/actionpack/lib/action_controller/http_authentication.rb b/actionpack/lib/action_controller/http_authentication.rb
index 5d915fd..2ccbc22 100644
--- a/actionpack/lib/action_controller/http_authentication.rb
+++ b/actionpack/lib/action_controller/http_authentication.rb
@@ -183,7 +183,7 @@ module ActionController
 
         if valid_nonce && realm == credentials[:realm] && opaque(request.session.session_id) == credentials[:opaque]
           password = password_procedure.call(credentials[:username])
-          expected = expected_response(request.env['REQUEST_METHOD'], request.url, credentials, password)
+          expected = expected_response(request.env['REQUEST_METHOD'], credentials[:uri], credentials, password)
           expected == credentials[:response]
         end
       end
-- 
1.6.1.9.g97c34