
Restlet DigestAuthenticator hashed local secret

I am trying to use a DigestAuthenticator to secure some parts of an API I am creating using Restlet. In all of the examples, the DigestAuthenticator expects to wrap a LocalVerifier that will return the local secret in plain text. Obviously, I do not want to store all of my users' passwords in plain text. How can I use HTTP Digest with Restlet while not providing the local secret in plain text?

I have written a LocalVerifier that uses the identifier to query a db and retrieve a sha1'd password, but it doesn't work unless my Verifier returns the password in plain text.

Any ideas?


So basically I hashed all the passwords on the server side in the database, and I hashed the password on the client side before it was hashed by HTTP Digest. Seems like a more secure solution to me anyway.
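The mismatch described in the question and the workaround in the answer, reproduced at the protocol level as an added example (not code from the original post and not Restlet code). It uses the RFC 2617 digest computation with the RFC's sample request values; the third case, storing H(A1) instead of the password, goes beyond the thread, and all function names are hypothetical.

```python
import hashlib
import hmac

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def sha1_hex(text):
    return hashlib.sha1(text.encode("utf-8")).hexdigest()

def ha1(user, realm, secret):
    """H(A1) from RFC 2617: binds user, realm and the shared secret."""
    return md5_hex(f"{user}:{realm}:{secret}")

def response(ha1_hex, method, uri, nonce, nc, cnonce, qop="auth"):
    """Digest 'response' value for qop=auth, computed from H(A1)."""
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1_hex}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")

def verify(expected_ha1, client_response, **request):
    """Server side: recompute the response and compare in constant time."""
    return hmac.compare_digest(response(expected_ha1, **request), client_response)

# Sample values taken from the worked example in RFC 2617.
USER, REALM, PASSWORD = "Mufasa", "testrealm@host.com", "Circle Of Life"
REQ = dict(method="GET", uri="/dir/index.html",
           nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
           nc="00000001", cnonce="0a4f113b")

def scenarios():
    db_sha1 = sha1_hex(PASSWORD)          # what the questioner's database holds
    db_ha1 = ha1(USER, REALM, PASSWORD)   # H(A1) computed once at enrolment
    plain_client = response(ha1(USER, REALM, PASSWORD), **REQ)
    prehash_client = response(ha1(USER, REALM, db_sha1), **REQ)
    return {
        # Question: verifier returns the SHA-1 hash, client used the plain password.
        "sha1_db_plain_client": verify(ha1(USER, REALM, db_sha1), plain_client, **REQ),
        # Answer: client SHA-1s the password first, so both sides share the hash.
        "sha1_db_prehash_client": verify(ha1(USER, REALM, db_sha1), prehash_client, **REQ),
        # Storing H(A1): the server never sees the password, the client is unchanged.
        "ha1_db_plain_client": verify(db_ha1, plain_client, **REQ),
    }

if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

In the two accepted cases the stored value is all that is needed to compute a valid response, so that database column has to be protected as a credential in its own right.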
