digby wrote: > Is there anything to be aware of when (confusingly) you're doing DIGEST > authentication with a standard JDBC realm using MD5 digested passwords? > > I've just tried changing an existing app with BASIC authentication to > DIGEST and it stopped authenticating me. I tried all sorts of web.xml > combinations but nothing worked until I put it back to BASIC.
If you switch from BASIC auth + MD5 digested password in realm to DIGEST auth + MD5 digested password in realm then you will need to regenerate the digests. In the BASIC auth + digested passwords case you digest: password In the DIGEST auth + digested passwords case you digest: username:realm:cleartext-password The realm is as specified in web.xml or, if not specifed, host:port http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html#Digested%20Passwords explains this fully. HTH, Mark --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
