tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 37984] New: - JNDIRealm.java not able to handle MD5 password
Date Wed, 21 Dec 2005 04:51:21 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=37984>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=37984

           Summary: JNDIRealm.java not able to handle MD5 password
           Product: Tomcat 5
           Version: 5.5.12
          Platform: Other
        OS/Version: other
            Status: NEW
          Keywords: PatchAvailable
          Severity: normal
          Priority: P3
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: eric@lenio.net


I'm using JNDIRealm to authenticate to OpenLDAP 2.2.28.  Within OpenLDAP I've
configured the userPassword attribute for each user to contain the MD5 digest,
and each is prefixed with the string "{MD5}".  I am not an LDAP expert by any
means but I believe this prefix is a standard convention.  Anyway assuming this
is a convention then JNDIRealm needs to strip off the "{MD5}" portion much like
it does with "{SHA1}".  See attached patch which accomplishes this and I
verified it works in my environment.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message