DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21529>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21529
Bug in org.apache.catalina.authenticator.DigestAuthenticator
Summary: Bug in
org.apache.catalina.authenticator.DigestAuthenticator
Product: Tomcat 4
Version: 4.1.24
Platform: All
OS/Version: All
Status: UNCONFIRMED
Severity: Blocker
Priority: Other
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: adam.hathcock@ipov.net
line 317:
qop = removeQuotes(currentTokenValue);
needs to be:
qop = currentTokenValue;
I was using the Tomcat 4.1.24 code as an example for Digest Authentication and
discovered that the hashes weren't matching in my code. Since "auth" was being
stripped to "ut", the hashes were screwed up. I checked the RFC 2617 spec
http://asg.web.cmu.edu/rfc/rfc2617.html#sec-3.5 and qop doesn't have quotes.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
|