Digest Authentication

Stanley Wong Thu, 11 Feb 2010 11:13:40 -0800

I am using Tomcat 6.0. I try to implement digest authentication. 

That is what I do:


1. Deploy a auth.war file to Tomcat, whose web.xml has this setting:

        <!-- Default page to serve -->
        <welcome-file-list>
                <welcome-file>Auth.html</welcome-file>
        </welcome-file-list>

        <security-constraint>
                <web-resource-collection>
                        <web-resource-name>Web
Resource</web-resource-name>
                        <url-pattern>/*</url-pattern>
                </web-resource-collection>
                <auth-constraint>
                        <role-name>author</role-name>
                </auth-constraint>
        </security-constraint>

        <login-config>
                <auth-method>DIGEST</auth-method>
                <digest>SHA</digest>
                <realm-name>Realm</realm-name>
        </login-config>

        <security-role>
                <role-name>author</role-name>
        </security-role>

2. UserDatabaseRealm

The Realm in use is UserDatabaseRealm, where usernames and passwords are
stored in tomcat-users.xml:

<tomcat-users>
  <role rolename="author"/>
  <user username="stan1"
password="2b43fb8b7a234825d50dd49ce7892d78a59da8f3" roles="author"/>
  <user username="stan2"
password="389ccb5689c09fb8528d7e5bdc056abe7617f1d2" roles="author"/>
/tomcat-users>

The password of username is stan1, the digested password is generated
from this command line:

digest -a sha stan1

The password of username is stan2, the digested password is generated
from this command line:

digest -a sha stan2:Realm:stan2


3. server.xml

I add these lines to server.xml

      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
                  resourceName="UserDatabase" digest="SHA"/>

      <!-- Define the default virtual host
           Note: XML Schema validation will not work with Xerces 2.2.
       -->
      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true"
            xmlValidation="false" xmlNamespaceAware="false">

                <Realm
className="org.apache.catalina.realm.UserDatabaseRealm" 
                resourceName="UserDatabase" digest="SHA"/>

        </Host>


4. Run the app

I deployed the war to localhost, and access to the web app
(http://localhost:8079/Auth)


Unfortunately, the digest authentication always fails. 

What could be wrong?


Stanley 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Digest Authentication

Reply via email to