-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Joe,
Joe A wrote: > i'm talking about the part of configuration that lets you choose specify how > the passwords are stored in the users table. I think for DIGEST auth, you don't want /any/ hashing for the password in the user's table. You want the value in your database to be: MD5(username:realm:password) Otherwise, you'll have to store it in plain-text (or reversible encryption) in order to properly check against the incoming hash from the client. As Mark says, anything supported by the JVM is legal as a hashing function, here. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkjYDeYACgkQ9CaO5/Lv0PAu2ACfauehk2vMrvv2Or4mRIDnEq4Y sT4An0PoLwTNeZ91bSI2MAw2TtJhpiUC =luOm -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
