Support Digest authentication with SHA-256

[sbordet]

Jetty version(s)
12.1.x

Enhancement Description
RFC7616 now specifies that Digest authentication can be performed with SHA-256 (was MD5 only before).

Jetty's client can already support that, but on the server the MD5 algorithm is hardcoded, while should be configurable.

[zzzi2p]

I was invited to submit a PR for this based on my code at https://github.com/zzzi2p/jetty-multiauth . Unfortunately I won't be able due to lack of time and ability to test because my project is on 9.3/9.4. So I offer my code for some motivated person to adapt into a PR.

My class is an all-in-one authenticator that does SHA256, MD5, and Basic, if enabled. A couple things to consider:

• This will interact with your MultiAuthenticator PR Issue #5442 - add MultiAuthenticator to support multiple authentication options #12393 and I picked the same name for the class so that will have to be straightened out
• I only put the options for the three auth types in the constructor, you'll have to add the configurations
• Docs, tests, javadoc fixups
• Any changes necessary for 12.1

[joakime]

@zzzi2p you know that Jetty 9.3/9.4 is EOL right?

• EOL (End of Life) for Jetty 9 - January 2025 #7958
• EOL (End of Life) for Jetty 10 / Jetty 11 - January 2025 #10485

[zzzi2p]

of course; we're on it for Java 8 support.