DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=32502.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
/show_bug.cgi?id=32502
Summary: Memory leak in Digest Authentication
Product: Tomcat 5
Version: 5.0.29
Platform: Macintosh
OS/Version: Mac OS X 10.3
Status: NEW
Severity: critical
Priority: P2
Component: Catalina
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=32502.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=19767.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
/show_bug.cgi?id=31683
It should be documented that JDBCRealm doesn't support digest authentication
[EMAIL PROTECTED] changed:
What|Removed |Added
Status|NEW
/show_bug.cgi?id=31683
It should be documented that JDBCRealm doesn't support digest authentication
--- Additional Comments From [EMAIL PROTECTED] 2004-10-22 20:40 ---
The user database implementation in Tomcat 5.0.29 doesn't seem to work with
DIGEST authentication
isn't stable by
then). I should be in a position to commit something in the next day or so.
Mark
-Original Message-
From: Shinobu Kawai [mailto:[EMAIL PROTECTED]
Sent: Monday, October 18, 2004 2:59 AM
To: [EMAIL PROTECTED]
Subject: DataSourceRealm + DIGEST authentication
Hi all
by the end of this month. I
probably won't be able to test everything thoroughly, but I will test
what I need (which is DIGEST authentication).
Best regards,
-- Shinobu Kawai
--
Shinobu Kawai [EMAIL PROTECTED]
-
To unsubscribe, e-mail
Hi all,
I'm making a DataSourceRealm that works with DIGEST authentication. I'm
planning to achieve this by extending DataSourceRealm and implementing
getPassword() and getPrincipal(). I would like to reuse the
credentials(Connection, String) and roles(Connection, String) methods
/show_bug.cgi?id=31683
It should be documented that JDBCRealm doesn't support digest authentication
--- Additional Comments From [EMAIL PROTECTED] 2004-10-13 18:57 ---
Care to submit a doc patch?
-
To unsubscribe, e-mail
/show_bug.cgi?id=31683
It should be documented that JDBCRealm doesn't support digest authentication
Summary: It should be documented that JDBCRealm doesn't support
digest authentication
Product: Tomcat 5
Version: 5.5.3
Platform: Other
/show_bug.cgi?id=19767
Digest authentication doesn't work with JDBCRealm
[EMAIL PROTECTED] changed:
What|Removed |Added
CC||[EMAIL PROTECTED
/show_bug.cgi?id=22563
Digest authentication failure due to bug in
org.apache.catalina.authenticator.DigestAuthenticator
[EMAIL PROTECTED] changed:
What|Removed |Added
Status|NEW
/show_bug.cgi?id=9851
Digest Authentication Doesn't Work Properly with Mozilla
[EMAIL PROTECTED] changed:
What|Removed |Added
Status|REOPENED|RESOLVED
/show_bug.cgi?id=20419
UserDatabaseRealm doesn't support Digest authentication
[EMAIL PROTECTED] changed:
What|Removed |Added
Status|NEW |RESOLVED
/show_bug.cgi?id=19767
Digest authentication doesn't work with JDBCRealm
[EMAIL PROTECTED] changed:
What|Removed |Added
CC||[EMAIL PROTECTED
/show_bug.cgi?id=22563
Digest authentication failure due to bug in
org.apache.catalina.authenticator.DigestAuthenticator
Summary: Digest authentication failure due to bug in
org.apache.catalina.authenticator.DigestAuthenticator
Product: Tomcat 4
Version
/show_bug.cgi?id=22563
Digest authentication failure due to bug in
org.apache.catalina.authenticator.DigestAuthenticator
--- Additional Comments From [EMAIL PROTECTED] 2003-08-19 17:42 ---
Created an attachment (id=7890)
Parsing of nc token in digest response will remove quotes if they exist
[EMAIL PROTECTED] wrote:
Here I attach a patch for DigestAuthentication.java that should fix the
problems with DIGEST authentication.
-// in some cases qop has quotes, and in some not. We'll
support both
-if (currentTokenValue.startsWith
/show_bug.cgi?id=20419
UserDatabaseRealm doesn't support Digest authentication
Summary: UserDatabaseRealm doesn't support Digest authentication
Product: Tomcat 4
Version: 4.1.24
Platform: All
OS/Version: All
Status: NEW
Severity
/show_bug.cgi?id=20419
UserDatabaseRealm doesn't support Digest authentication
--- Additional Comments From [EMAIL PROTECTED] 2003-06-02 14:47 ---
Created an attachment (id=6598)
Proposed fix
-
To unsubscribe, e-mail: [EMAIL
/show_bug.cgi?id=9851
Digest Authentication Doesn't Work Properly with Mozilla
--- Additional Comments From [EMAIL PROTECTED] 2003-05-30 16:54 ---
Created an attachment (id=6570)
patch for DigestAuthenticator.removeQuotes to handle unquoted strings
/show_bug.cgi?id=9851
Digest Authentication Doesn't Work Properly with Mozilla
[EMAIL PROTECTED] changed:
What|Removed |Added
Status|RESOLVED|REOPENED
Hi,
I've already written this question to the user list by I haven't got any
answer. Perhaps do one of you know the answer to my problem:
I've set up BASIC authentication without any problem in my application. When
I want to change to DIGEST authentication, it doesn't work at all. I'm
getting
/show_bug.cgi?id=9851
Digest Authentication Doesn't Work Properly with Mozilla
[EMAIL PROTECTED] changed:
What|Removed |Added
Status|NEW |RESOLVED
Hi
Here I attach a patch for DigestAuthentication.java and RealmBase.java that should fix
the problems with DIGEST authentication. With this I made it work with Mozilla 1.3, IE
5.0, Opera 7 and my own simple client
I don't have cvs access so I made the patches against a CVS image I downloaded
[EMAIL PROTECTED] wrote:
Hi
Here I attach a patch for DigestAuthentication.java and RealmBase.java that should fix the problems with DIGEST authentication. With this I made it work with Mozilla 1.3, IE 5.0, Opera 7 and my own simple client
I don't have cvs access so I made the patches against
LifecycleListener[] findLifecycleListeners() {
-Original Message-
From: ext Remy Maucherat [mailto:[EMAIL PROTECTED]
Sent: 21 March, 2003 16:05
To: Tomcat Developers List
Subject: Re: [PATCH] Digest Authentication
[EMAIL PROTECTED] wrote:
Hi
Here I attach a patch for DigestAuthentication.java
[EMAIL PROTECTED] wrote:
Hmm, something strange with my mail. I'm attaching them again and pasting the body just in case :-)
The diff is inverted, right ? I need to add the lines with '-', and
remove those with '+'.
Remy
-
To
: Re: [PATCH] Digest Authentication
[EMAIL PROTECTED] wrote:
Hmm, something strange with my mail. I'm attaching them again and pasting the body
just in case :-)
The diff is inverted, right ? I need to add the lines with '-', and
remove those with '+'.
Remy
Hi all
I've been trying unsuccessfully to use the Digest authentication in Tomcat with my
webapp. I need it because Basic authentication is too weak and I cannot use SSL on the
client side.
I noticed that the implementation in Tomcat has some problems that I describe below:
1
[EMAIL PROTECTED] wrote:
Hi all
I've been trying unsuccessfully to use the Digest authentication in Tomcat with my webapp. I need it because Basic authentication is too weak and I cannot use SSL on the client side.
I noticed that the implementation in Tomcat has some problems that I describe
I apologize in advance if I am sending this bug report/fix to the
wrong group or if the fix has already been implemented.
Using JDK1.3.01 and Tomcat 4.1.12, and sun.net.HttpURLConnection,
Digest Authentication does not work. The sun.net.HttpURLConnection
class responds to WWW-Authenticate
I can't get Tomcat 4.1.x to authenticate a Mozilla client when using
DIGEST authentication, although it works fine with IE6. The only
difference I can see is that IE6 sends an extra
algorithm=MD5
attribute in the Authorization header.
Has anybody else seen this?
Should I enter it as bug
/show_bug.cgi?id=9851
Digest Authentication Doesn't Work Properly with Mozilla
Summary: Digest Authentication Doesn't Work Properly with
Mozilla
Product: Tomcat 4
Version: Nightly Build
Platform: Other
OS/Version: Other
Hello,
in Tomcat 4.0 it is possible to use BASIC authentication together with encrypted
passwords (e.g. adding attribute digest=MD5) to a Realm/ element, or DIGEST with
passwords only stored in clear-text. It's not possible to use DIGEST authentication
together with encrypted passwords
:30
Subject: Re: DIGEST authentication scheme for Tomcat 3.3
Hi Attila,
I'll review your changes and I see no problem with fixing
AccessInterceptor and RealmBase. I'm not sure about the new modules - I
think this is a new feature and I'm not very comfortable with features.
If you don't mind
Maybe it's a bit late for this, however here it goes; incorporate it if you
like:
I've added support for DIGEST authentication scheme to Tomcat 3.3.
I was able to successfully test it with Opera 5.12 browser WHEN Tomcat
didn't return an Authentication-info header on successful authentication
it goes; incorporate it if you
like:
I've added support for DIGEST authentication scheme to Tomcat 3.3.
I was able to successfully test it with Opera 5.12 browser WHEN Tomcat
didn't return an Authentication-info header on successful authentication.
Authentication-info header confused the Opera
Hi!
If I see correctly (after testing for it and browsing source extensively),
the 3.2 product line of Tomcat does not support the Digest authentication
scheme (RFC 2069). Could you confirm this? Also, please let me know if 3.3
or 4.0 support Digest.
In case they don't, I'm ready to provide
costin wrote
In 3.3 we tried to make it easy to add modules ( and all the
functionality is implemented in modules ), it's just like adding a
webapplication. The idea is to reduce the pressure on the official
release, reduce the 'featurism', keep tomcat simple, etc.
That's also the general idea
Just wanted you to know: I've done with implementing Digest authentication
in Tomcat 3.2.1 code, will incorporate it into current 3.2.x latest code
from CVS. The funny thing is that so-called "mainstream" browsers (IE and
NN; tried many versions this afternoon) DO NOT support
Just wanted you to know: I've done with implementing Digest authentication
in Tomcat 3.2.1 code, will incorporate it into current 3.2.x latest code
from CVS. The funny thing is that so-called mainstream browsers (IE and
NN; tried many versions this afternoon) DO NOT support the Digest
- Original Message -
From: Remy Maucherat [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: 2001. szeptember 7. 18:13
Subject: Re: Digest authentication in Tomcat?
Tomcat 4.0 already supports DIGEST, but only if the realm can return clear
text passwords. Designing a cheme to store
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: 2001. szeptember 7. 17:38
Subject: Re: Digest authentication in Tomcat?
In 3.3 we tried to make it easy to add modules ( and all the
functionality is implemented in modules ), it's just like adding
On Fri, 7 Sep 2001, Remy Maucherat wrote:
Date: Fri, 7 Sep 2001 09:13:29 -0700
From: Remy Maucherat [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Digest authentication in Tomcat?
Just wanted you to know: I've done with implementing Digest
Tomcat 4.0 already supports DIGEST, but only if the realm can return
clear
text passwords. Designing a cheme to store the limited digest in the
realmshould be possible, but should be postponed until 4.1.
My implementation works with the situation where server only knows
H(username :
Ok, but that would still require some modifications in the JDBC realm, for
example, because it has the annoying habit to store H(password) ;-)
I was planning to add a mechanism a bit like you describe, but after 4.0.
Right, I had to touch existing realm code as well, since current realms
48 matches
Mail list logo
