insi wrote:
Hi,
My tomcat server is sending www-authenticate (digest) header but the header
doesn't contain the algorithm field, which one is choosen by default?
MD5
How do I specify it to use particular algorithm (sha1/md5)?
In short, you can't.
See HTTP 2616 and 2617.
Theoretically, you could, via the optional "Authentication-Info" header
indicated in RFC2617. But in the practice, to my knowledge, browsers
support only Digest with MD5, so it doesn't really help.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
