diff --git a/auth-server.go b/auth-server.go
index 6f687097..61da50a0 100644
--- a/auth-server.go
+++ b/auth-server.go
@@ -35,7 +35,7 @@ func (as *AuthServer) GenerateHeader() []string {
 
 // ValidateHeader validates the Authorization header sent by a client after receiving the
 // WWW-Authenticate header provided by GenerateHeader().
-func (as *AuthServer) ValidateHeader(header []string, method string, path string) error {
+func (as *AuthServer) ValidateHeader(header []string, method Method, path string) error {
 	if len(header) != 1 {
 		return fmt.Errorf("Authorization header not provided")
 	}
@@ -87,7 +87,7 @@ func (as *AuthServer) ValidateHeader(header []string, method string, path string
 	}
 
 	ha1 := md5Hex(as.user + ":" + as.realm + ":" + as.pass)
-	ha2 := md5Hex(method + ":" + path)
+	ha2 := md5Hex(string(method) + ":" + path)
 	response := md5Hex(ha1 + ":" + as.nonce + ":" + ha2)
 
 	if inResponse != response {