To make your own org.exoplatform.services.organization.OrganizationService implementation able to use DIGEST authentication you need to make your UserHandler implementation also implement org.exoplatform.services.organization.DigestAuthenticator interface which provide more flexible authenticate method. As it is called from org.exoplatform.services.organization.auth.OrganizationAuthenticatorImpl it receive a org.exoplatform.services.security.Credential instances, you can get more information from org.exoplatform.services.security.PasswordCredential.getPasswordContext(). It can be used to calculate md5 digest of original password to compare it with recieved from clientside.