Great- thanks a lot for that. I'll have a read up, but it's obviously
going to be hard recoding the digested passwords when i don't know the
original.
Mark Thomas wrote:
digby wrote:
Is there anything to be aware of when (confusingly) you're doing DIGEST
authentication with a standard JDBC realm using MD5 digested passwords?
I've just tried changing an existing app with BASIC authentication to
DIGEST and it stopped authenticating me. I tried all sorts of web.xml
combinations but nothing worked until I put it back to BASIC.
If you switch from BASIC auth + MD5 digested password in realm to DIGEST
auth + MD5 digested password in realm then you will need to regenerate
the digests.
In the BASIC auth + digested passwords case you digest:
password
In the DIGEST auth + digested passwords case you digest:
username:realm:cleartext-password
The realm is as specified in web.xml or, if not specifed, host:port
http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html#Digested%20Passwords
explains this fully.
HTH,
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
