if (authentication_scheme.equalsIgnoreCase(scheme))
{
DigestAuthentication auth=new DigestAuthentication(msg.getRequestLine().getMethod(),ah,null,keyToPasswd(authentication_service.getUserKey(user)));
// check user's authentication response
boolean is_authorized=auth.checkResponse();
rand=pickRandBytes();
if (!is_authorized)
{ // authentication/authorization failed