> The problem > is that Tomcat computes the digest without a salt and, therefore, > authentication is failing because the two digested versions of the same > password are different.
If there is not a feature within Tomcat to allow adding the username as a salt to the MD5 hash, then Tomcat is broken. This is so common, I cannot imagine any product bothering to implement MD5 hashing without allowing a fairly generic salting API call. Thankfully, Tomcat comes with source, so it can be fixed if, indeed, it is broken. Do not waste any energy trying to get Postgres to not salt the hash, you'd be using energy ruining one product instead of fixing another. -- Tim Ellis Senior Database Architect ---------------------------(end of broadcast)--------------------------- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
