Netscape 4.x versions don't implement DIGEST authentication. When faced with a DIGEST auth, Netscape 4.x will ask the user for a username and password, and send the server a BASIC auth. This is why you're seeing base64 encoded header in a Netscape request - it's BASIC auth, not DIGEST auth.
-- Attila Szegedi home: http://www.szegedi.org ----- Original Message ----- From: "jay n gaba" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: 2002. február 18. 15:50 Subject: Re: RE: Digest authentication problem hi i am facing the same problem. there is a problem while using the digest authentication mode. it seems the password format return by ldap,in my case netscape directory structure, is different than one used by the digest class of tomcat.netscape uses base64 encoding while tomcat uses some hash functionality. so the authentication fails. solving this is in the to do list. if u wish there are 2 ways to solve it urself. 1. make changes to JNDIRealm class. 2. binding user to ldap using bind authentication, which i am not very clear. I am trying to search on this. regards jay ps: check previous mail archives for more details. On Mon, 18 Feb 2002 Meurant , Gerald wrote : > I forgot to mention that it´s a tomcat 4.01 . > > -----Mensaje original----- > De: Meurant , Gerald [mailto:[EMAIL PROTECTED] > .es] > Enviado el: lunes, 18 de febrero de 2002 13:23 > Para: [EMAIL PROTECTED] > Asunto: Digest authentication problem > > > Hi, > > I have a tomcat server using a JNDI-Realm to > authenticate against a LDAP > server. It works fine when using the BASIC > authentication mode, but it > doesn´t work when specifying the DIGEST authentication > mode. > There´s no error message in tomcat, neither in the LDAP > server, so I used a > sniffer to watch the network traffic and the > communication between the 2 > servers : there´s no communication !! > So I think the problem has its origin in tomcat. I post > the realm > description of the server.xml (I replaced the lines > that specified my ldap > server, the connection works in basic mode anyway) : > > <Realm className="org.apache.catalina.realm.JNDIRealm" > debug="4" > connectionName="cn=administrador" > connectionPassword="mypassword" > connectionURL="ldap://myserver:389" > roleBase="dc=roles,o=artic,c=es" > roleName="cn" > roleSearch="(uniqueMember={0})" > roleSubtree="false" > userPassword="userPassword" > userPattern="cn={0},o=artic,c=es" > digest="MD5" > /> > > I would really apreciate any help, my searches on the > net and in the doc are > not giving me any result. Is the realm descriptor > correct ? Thanks. > > Gerald. > > > -- > To unsubscribe: <mailto:tomcat-user-unsubscribe@jakart- > a.apache.org> > For additional commands: <mailto:tomcat-user-help@jakart- > a.apache.org> > Troubles with the list: <mailto:tomcat-user-owner@jakart- > a.apache.org> > > -- > To unsubscribe: <mailto:tomcat-user-unsubscribe@jakart- > a.apache.org> > For additional commands: <mailto:tomcat-user-help@jakart- > a.apache.org> > Troubles with the list: <mailto:tomcat-user-owner@jakart- > a.apache.org> > -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
smime.p7s
Description: application/pkcs7-signature