---------------------------------------------------------------------------
HARBOR: http://coolharbor.100free.com/index.htm
Now Tomcat is also a cool pojo application server
---------------------------------------------------------------------------
----- Original Message -----
From: "zhongliang zhang" <[EMAIL PROTECTED]>
To: "Tomcat Users List" <users@tomcat.apache.org>
Sent: Monday, November 05, 2007 5:28 AM
Subject: RE: [tomcat]How to decrypt the DIGEST authentication?
Hi,
It still does not work.
Here is the trace:
I create the SHA1 password from the command prompt:
C:\tomcat>java org.apache.catalina.realm.RealmBase -a SHA1
zhangzhongl:JDBCRealm
:secret
zhangzhongl:JDBCRealm:secret:0743d07d727aae8864569cbcefb9ae788150e8b9
C:\tomcat>java org.apache.catalina.realm.RealmBase -a SHA
zhangzhongl:JDBCRealm:
secret
zhangzhongl:JDBCRealm:secret:0743d07d727aae8864569cbcefb9ae788150e8b9
So,I change the password of user "zhangzhongl" to
"0743d07d727aae8864569cbcefb9ae788150e8b9",and add the digest attribute to
JDBCRealm element which has a value of "SHA".
======================
Hi Zhang,
As Mark pointed out it can be done.
http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#Digested%20Passwords
But they want you to make tha HASH like this
testUser:localhost:8080:testPassword
AND even though the Realm side is giving you a choice of HASH, I have a
feeling that TC probably uses MD5 on the Security constraint side
I dont know where
<auth-method>DIGEST</auth-method>
actually lets one choose the HASH so I think its MD5
So I THINK....
MD5(zhangzhongl:localhost:8080:thePassword)
will make the right hash... maybe ;)
ie you must make the HASH of all that stuff together, not just the password.
============================
Start the cat,and enter the http://localhost:8080/,the dialog popup,and I
enter zhangzhongl & secret as the username & password,which made me feel
upset is I can not enter the welcome page.
I do not know what is the reason,and I try to get some info from the
logs,but no logs can provide some useful information for this.
If possible,could you do me a favor to send me a simple sample application
for test and get this problem solved?
thank you so much!
_________________________________________________________________
Explore the seven wonders of the world
http://search.msn.com/results.aspx?q=7+wonders+world&mkt=en-US&form=QBRE
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
