Please post a completely new message to the list, rather than just
editing the subject & body out for your message.
An edited reply appears as part of a existing thread, with an unexpected
subject change. This is called thread hijacking.
p
On 11/02/2010 19:13, Stanley Wong wrote:
I am u
List
Subject: RE: Digest Authentication
Thank you.
I make some progress, but still need some helps.
That is what I did:
1. replace the hashing algorithm from SHA to MD5.
2. remove the line from
The new section of web.xml looks as follows:
DIGEST
Thank you.
I make some progress, but still need some helps.
That is what I did:
1. replace the hashing algorithm from SHA to MD5.
2. remove the line from
The new section of web.xml looks as follows:
DIGEST
MD5
I generate
2010/2/11 Caldarale, Charles R :
> This is closer, but the doc says to include the realm name, not the word
> "Realm" in the calculation. The realm name appears to be the server name and
> port, but I haven't verified that.
>
The realm name is usually provided as Realm
in element in web.xml.
2010/2/11 Stanley Wong :
> I am using Tomcat 6.0. I try to implement digest authentication.
>
You are confusing DIGEST authentication (i.e., transmitting a hash of
password over network) with validating plain passwords using digest
(i.e, not storing a plain text password).
The value used in the
> From: Stanley Wong [mailto:w...@pcigeomatics.com]
> Subject: Digest Authentication
>
> digest -a sha stan1
The Tomcat doc makes no mention of using the stand digest tool, but instead
org.apache.catalina.realm.RealmBase. I have no idea if or how they differ in
their calculations.
> digest -a
