On 16/03/2015 11:23, Igor Mukhin wrote: > Mark, > > thanks you, now I understand how it is build. > > I think that I have to use plain MD5 without salt if I want to use DIGEST > authentication.
Correct. > Tomcat 8 documentation should say that people have to use "-s 0" flag and > copy md5 just after the last $-sign. I'll take a look. We can also modify the output format for no salt and 1 iteration. Mark > > Mit freundlichen Grüßen > Igor Mukhin > > -----Ursprüngliche Nachricht----- > Von: Mark Thomas [mailto:ma...@apache.org] > Gesendet: Montag, 16. März 2015 12:17 > An: Tomcat Users List > Betreff: Re: digest.bat -a MD5 in Tomcat 8 > > On 16/03/2015 10:22, Igor Mukhin wrote: >> Hello, >> >> I just tried to execute on Tomcat 8.0.20 : >> digest.bat -a MD5 myusername:myrealm:mypassword and it replyed with: >> >> myusername:myrealm:mypassword:283c7c0d977648d4dc3def5a20e2a595701a7542 >> 44baec7153d40e8ee30ff6a5$1$f47f1b081edd3627ed24d67274dd6e15 >> >> I used this long MD5 >> (283c7c0d977648d4dc3def5a20e2a595701a754244baec7153d40e8ee30ff6a5$1$f4 >> 7f1b081edd3627ed24d67274dd6e15) in my tomcat-user.xml and the user >> couldn't login with DIGEST method. >> >> Then I tried to execute the same command on Tomcat 6.0.43 and got: >> >> myusername:myrealm:mypassword:8fcc8ae2c169463bab76eb7124aede7b >> I used the short MD5 (8fcc8ae2c169463bab76eb7124aede7b) ) in my Tomcat >> 8's tomcat-user.xml and the login is working again! (DIGEST method) >> >> Question: Why Tomcat8's digest.bat is generating such a long MD5? It doesn't >> look the same as earlier and it is not working. > > The credential output format is different (salt$iterations$digest) and salt > is enabled by default. If you try digest -s 0 -a MD5 foo:foo:foo you get > foo:foo:foo:$1$67ec44ba7c1234c8f201c261183e9d25 > > If you try digest -a MD5 foo:foo:foo on Tomcat 6 you get > foo:foo:foo:67ec44ba7c1234c8f201c261183e9d25 > > Tomcat 8 will accept either format although it always generates them in the > new format. > > Mark > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > ________________________________ > > w.e.b. > Wirth EDV Beratung OHG > Jesuitenstrasse 11 > 85049 Ingolstadt > > Telefon +49 (0)841 981280 > Telefax +49 (0)841 9812828 > > http://www.web-dienstleister.de > > Sitz der Gesellschaft: Ingolstadt > Registergericht: Amtsgericht Ingolstadt, HRA 1833 > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
