This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 9e3e1dac62 Partial fix for BZ 69852 - correct documentation for {SSHA}
9e3e1dac62 is described below
commit 9e3e1dac62deadee7e46c90d22924964cd78a3e4
Author: Mark Thomas <[email protected]>
AuthorDate: Tue Nov 4 17:13:59 2025 +0000
Partial fix for BZ 69852 - correct documentation for {SSHA}
https://bz.apache.org/bugzilla/show_bug.cgi?id=69852
---
webapps/docs/config/credentialhandler.xml | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/webapps/docs/config/credentialhandler.xml
b/webapps/docs/config/credentialhandler.xml
index c7fe2718e4..5598f5fcaa 100644
--- a/webapps/docs/config/credentialhandler.xml
+++ b/webapps/docs/config/credentialhandler.xml
@@ -90,8 +90,9 @@
digest of the password</li>
<li><strong>{SHA}encodedCredential</strong> - a Base64 encoded SHA1
digest
of the password</li>
- <li><strong>{SSHA}encodedCredential</strong> - 20 character salt followed
- by the salted SHA1 digest Base64 encoded</li>
+ <li><strong>{SSHA}encodedCredential</strong> - 20 bytes of the salted
SHA1
+ digest of the password, followed by the variable length salt bytes, all
+ Base64 encoded</li>
<li><strong>salt$iterationCount$encodedCredential</strong> - a hex
encoded
salt, iteration code and a hex encoded credential, each separated by
$</li>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
