-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lloyd,
DIGLLOYD INC wrote:
Answer: SHA just doesn't work. MD5 works fine. I presume this is
because the browser has no idea what algorithm to use, and just always
uses MD5.
You should read the definition of HTTP DIGEST auth. It doesn't just
Chris,
I accept your point.
It's too bad the Tomcat how to docs don't mention this in a brief
note.
http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html
I'm not on the tomcat developer group, otherwise I'd fix it.
It's even more disappointing that the books I've seen on the subject
DIGLLOYD INC wrote:
Chris,
I accept your point.
It's too bad the Tomcat how to docs don't mention this in a brief note.
http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html
I'm not on the tomcat developer group, otherwise I'd fix it.
That doesn't stop you creating a patch. Create
How to produce the hashed password when using auth-method DIGEST ?
Everything works with cleartext passwords using the following login-
config in web.xml:
login-config
auth-methodDIGEST/auth-method
realm-nameDIGLLOYD.COM/realm-name
/login-config
and in context.xml: