On the same issue... does using DIGEST Authentication work when the password itself is stored in digest form?
I wasn't able to get it to work...

/s

--- Sam Ewing <[EMAIL PROTECTED]> wrote:
> I might be wrong.. but there is a difference between using Digest for
> authentication and storing the passwords as digest version in the user
> tomcat-users.xml file.
>
> The former is what Pankaj is trying to do.. this causes the passwords to be
> transmitted as digest versions of themselves from the user's browser to
> Tomcat. Tomcat then un-digests them and calls the Realm call to do its work.
>
> In the latter, we set the digest attribute to sha or md5 in the Realm
> directive in server.xml. This does not affect how the passwords are
> transmitted from the user's browser to Tomcat. The Realm implementation
> computes the digest of the password and compares it with the digested
> version..
>
> Am I on the right track here?
>
> /s
>
> --- "PELOQUIN,JEFFREY (HP-Boise,ex1)" <[EMAIL PROTECTED]> wrote:
> > When you switched to Digest mode did you convert the original clear text
> > passwords to the digest format you wish to use?
> >
> > -----Original Message-----
> > From: KUMAR,PANKAJ (HP-Cupertino,ex1) [mailto:[EMAIL PROTECTED]]
> > Sent: Monday, January 06, 2003 11:13 AM
> > To: '[EMAIL PROTECTED]'
> > Subject: REPOST: Tomcat 4.1.18: Digest authentication not working?
> >
> > Hi,
> >
> > I am reposting this message as I did not get any answer/comment/advice.
> >
> > Has anyone ever got Digest authentication working with Tomcat?
> >
> > -----Original Message-----
> > From: KUMAR,PANKAJ (HP-Cupertino,ex1) [mailto:[EMAIL PROTECTED]]
> > Subject: Tomcat 4.1.18: Digest authentication not working?
> >
> > Hi,
> >
> > I am a relative newbie to Tomcat.
> >
> > The manager application works with BASIC authentication (default
> > configuration), after making appropriate user and role entries in
> > conf/tomcat-users.xml file.
> >
> > However, when I change BASIC to DIGEST as shown below:
> >
> > Default web.xml for "manager":
> > ...
> > <login-config>
> >   <auth-method>BASIC</auth-method>
> >   <realm-name>Tomcat Manager Application</realm-name>
> > </login-config>
> > ...
> >
> > Modified web.xml for "manager":
> > ...
> > <login-config>
> >   <auth-method>DIGEST</auth-method>
> >   <realm-name>Tomcat Manager Application</realm-name>
> > </login-config>
> > ...
> >
> > It doesn't work. I get the login prompt in my browser (I tried both IE6.0
> > and Netscape 7.0) with the right realm string, but after entering the user
> > name and the password, the prompt appears again.
> >
> > I am appending the HTTP dump (captured using a home grown interceptor tool):
> > =================================================
> > [HTTP] C --> S (370 bytes)
> > GET /manager/html HTTP/1.1
> > Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, application/x-shockwave-flash, */*
> > Accept-Language: en-us
> > Accept-Encoding: gzip, deflate
> > User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
> > Host: localhost:8079
> > Connection: Keep-Alive
> >
> > [HTTP] C <-- S (412 bytes)
> > HTTP/1.1 401 Unauthorized
> > Pragma: No-cache
> > Cache-Control: no-cache
> > Expires: Thu, 01 Jan 1970 00:00:00 GMT
> > WWW-Authenticate: Digest realm="Tomcat Manager Application", qop="auth", nonce="bf3c8fa05f1260f6a9d4299d3b882339", opaque="03758823e3b14892bb4dc34ef834fa13"
> > Content-Type: text/html
> > Content-Language: en-US
> > Transfer-Encoding: chunked
> > Date: Sun, 05 Jan 2003 08:49:24 GMT
> > Server: Apache Coyote/1.0
> >
> > [HTTP] C <-- S (5 bytes)
> > 2ad
> > [HTTP] C <-- S (685 bytes)
> > <html><head><title>Apache Tomcat/4.1.18-LE-jdk14 - Error report</title><STYLE><!--H1{font-family : sans-serif,Arial,Tahoma;color : white;background-color : #0086b2;} H3{font-family : sans-serif,Arial,Tahoma;color : white;background-color : #0086b2;} BODY{font-family : sans-serif,Arial,Tahoma;color : black;background-color : white;} B{color : white;background-color : #0086b2;} HR{color : #0086b2;} --></STYLE> </head><body><h1>HTTP Status 401 - </h1><HR size="1" noshade><p><b>type</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>This request requires HTTP authentication ().</u></p><HR size="1" noshade><h3>Apache Tomcat/4.1.18-LE-jdk14</h3></body></html>
> > [HTTP] C <-- S (2 bytes)
> >
> > [HTTP] C <-- S (5 bytes)
> > 0
> >
> > [HTTP] C --> S (683 bytes)
> > GET /manager/html HTTP/1.1
> > Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, application/x-shockwave-flash, */*
> > Accept-Language: en-us
> > Accept-Encoding: gzip, deflate
> > User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
> > Host: localhost:8079
> > Connection: Keep-Alive
> > Authorization: Digest username="pankaj", realm="Tomcat Manager Application", qop="auth", algorithm="MD5", uri="/manager/html", nonce="bf3c8fa05f1260f6a9d4299d3b882339", nc=00000001, cnonce="f7710dc1f6683517f0dd8dfd957a50bc", opaque="03758823e3b14892bb4dc34ef834fa13", response="8d3c122778ae3d95564f61a2238c8f51"
> >
> > [HTTP] C <-- S (412 bytes)
> > HTTP/1.1 401 Unauthorized
> > Pragma: No-cache
> > Cache-Control: no-cache
> > Expires: Thu, 01 Jan 1970 00:00:00 GMT
> > WWW-Authenticate: Digest realm="Tomcat Manager Application", qop="auth", nonce="d13c9c9d094919b14030f3bff72edc6b", opaque="bd29cf774ee39e6a3cc1c396293be208"
> > Content-Type: text/html
> > Content-Language: en-US
> > Transfer-Encoding: chunked
> === message truncated ===
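
The question this thread turns on, worked through as an added example (not part of the original messages and not Tomcat's code): under RFC 2617 the server recomputes `response` from HA1 = MD5(username:realm:password), so a user store holding the cleartext password or HA1 itself can verify the header, while one holding only MD5(password) cannot. The header fields are taken from the capture above; the password, the store names and the response computed from them are constructed, since the real password is not on the page.

```python
import hashlib
import hmac

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def ha1(username, realm, password):
    # RFC 2617 H(A1): the only password-derived input to the response.
    return md5_hex(f"{username}:{realm}:{password}")

def digest_response(ha1_hex, method, uri, nonce, nc, cnonce, qop="auth"):
    # qop=auth: MD5(HA1:nonce:nc:cnonce:qop:MD5(method:uri))
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1_hex}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")

# Authorization header fields from the capture (wrapped lines joined).
CAPTURE = {
    "username": "pankaj", "realm": "Tomcat Manager Application",
    "uri": "/manager/html", "nonce": "bf3c8fa05f1260f6a9d4299d3b882339",
    "nc": "00000001", "cnonce": "f7710dc1f6683517f0dd8dfd957a50bc",
}
PASSWORD = "constructed-secret"  # constructed: the real one is not on the page

def server_ha1(kind, stored, username, realm):
    """Derive HA1 from what the user database holds (kind names are hypothetical)."""
    if kind == "ha1":
        return stored  # already MD5(username:realm:password)
    # "cleartext": correct. "md5(password)": the digest cannot be reversed, so
    # the most a server can do is hash it as if it were the password.
    return ha1(username, realm, stored)

def check_stores(password=PASSWORD, c=CAPTURE):
    user, realm = c["username"], c["realm"]
    args = ("GET", c["uri"], c["nonce"], c["nc"], c["cnonce"])
    # What a browser that knows the cleartext password sends as response=...
    sent = digest_response(ha1(user, realm, password), *args)
    stores = {
        "cleartext": password,
        "ha1": ha1(user, realm, password),
        "md5(password)": md5_hex(password),
    }
    return {
        kind: hmac.compare_digest(
            sent, digest_response(server_ha1(kind, stored, user, realm), *args))
        for kind, stored in stores.items()
    }

if __name__ == "__main__":
    print(check_stores())
```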
