Hi all, Long story short: I started consulting in a company that is developing a product using Tomcat. They want to be able to run the application in different containers to make sure they are spec compliant and all, so I suggested Resin as an alternative.
I've been able to configure the datasources, massage the web.xml to be more compliant etc. but now I came across a problem I'm not sure how easy it is to solve: the authenticator. Both containers have an implementation of a typical jdbc authenticator... but for a tiny detail: Resin uses username+realm+password for the digest and Tomcat uses just the password, hence the digests do not match and all password are considered wrong in one of the containers. The passwords in use are already stored like that and changing them would not really solve the problem but move it to the Tomcat side. I don't use container based authentication in my own applications for this very reason, but they are using it and I thought that might not be an uncommon problem so... is there any way to configure com.caucho.server.security.JdbcAuthenticator to use just the password for the digests? Cheers! D. ---------------------------------------------------------------- _______________________________________________ resin-interest mailing list [email protected] http://maillist.caucho.com/mailman/listinfo/resin-interest
