RE: Valid values for digestEncoding attribute?

Thu, 27 Jan 2011 03:13:44 -0800 

Thank-you Konstantin...I think I was misled by some postings I read while
searching, that referred to specifying either hex or base64 in the realm
configuration.

This time, I left out the digestEncoding attribute altogether, reducing the
<Realm> tag in context.xml to the following:

<Realm 
className="org.apache.catalina.realm.JDBCRealm" debug="99"
      driverName="org.gjt.mm.mysql.Driver" 
connectionURL="jdbc:mysql://localhost:3306/<databasename>?user=<username>&am
p;password=<userpassword>"
userTable="users"
userNameCol="id"
userCredCol="passwd"
userRoleTable="userroles"
roleNameCol="role"
digest="MD5"/>

The purpose underlying the question was to authenticate against my MySQL
database. I was failing under the following conditions:

Password digested at browser using SHA-1
Password stored in table as base64-encoded SHA-1 digest


I succeeded under the following conditions:

Password digested at browser using MD5
Password stored in table as MD5 digest without encoding


Now I just need to find out which of the modifications fixed my fault.


Cheers,

Etienne


-----Original Message-----
From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] 
Sent: 27 January 2011 11:56
To: Tomcat Users List; ed...@ieee.org
Subject: Re: Valid values for digestEncoding attribute?

2011/1/27 Ing. Etienne V. Depasquale <ed...@ieee.org>:
> Good day,
>
>
>
> I am unable to identify valid values for the digestEncoding attribute to
use
> with the <Realm> tag of my app's context.xml file.
>
> I've inspected RealmBase.java and JDBCRealm.java, apart from some
googling,
> without finding anything suitable.

http://tomcat.apache.org/tomcat-6.0-doc/api/org/apache/catalina/realm/RealmB
ase.html
says it is "The encoding charset for the digest." -- note the "charset" word

So "ISO-8859-1" might be good?
If not set (null) it defaults to the platform default charset.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to