Mark, Thanks for the quick (and useful) reply. I'll dig through those issues and see if any of them apply. And hopefully I can find a solution that doesn't involve a TC upgrade, as I can't do that at this point.
Thanks again. Jay -----Original Message----- From: Mark Thomas [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 08, 2006 4:38 PM To: Tomcat Users List Subject: Re: BASIC authentication to DIGEST authentication Jay Burgess wrote: > Given that I've got BASIC authentication working for my webapp using cleartext > passwords, shouldn't I simply be able to change my <auth-method> from "BASIC" > to > "DIGEST" in <login-config> and it should start working using digest authentication? > > It's not, obviously, but I've seen previous posts in this group that say > things > like "clear text + DIGEST -> works!", so I think it's doable. I'm using TC > 5.0.19 by the way. Yes, it should just work. However, there have been a bunch of fixes in this area. You may hit any of the following bugs/missing features: http://issues.apache.org/bugzilla/show_bug.cgi?id=9851 http://issues.apache.org/bugzilla/show_bug.cgi?id=37132 http://issues.apache.org/bugzilla/show_bug.cgi?id=31198 5.5.5 Add DIGEST authentication support to the JDBC and DataSource realms. Supports both digested and cleartext passwords. (markt) http://issues.apache.org/bugzilla/show_bug.cgi?id=32137 http://issues.apache.org/bugzilla/show_bug.cgi?id=31592 If you want to digest the passwords in tomcat-users.xml (or wherever you store them) then a little more work is required and you may hit more problems. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
