Johnny Kewl wrote: > I dont think you can do what you want to... > I dont think you can use web based DIGEST authentication. > And then hide passwords in a MD5 digest as well.
Yes you can. > I think web based DIGEST authentication, MUST get at the plain text > password. No. > That process has to be repeated on the server, and SHA(Password) + plus > some random stuff NOT EQUAL to browser... > I think it has to be a plain text password... unless TC does something > unbelievable... Not unbelievable. Just plain cold logic. The use of DIGEST auth and digested passwords are 100% independent. Mark --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
