tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn commit: r790405 - /tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java
Date Wed, 01 Jul 2009 22:13:34 GMT
Author: markt
Date: Wed Jul  1 22:13:33 2009
New Revision: 790405

URL: http://svn.apache.org/viewvc?rev=790405&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=37984
Strip {MD5} as well as {SHA} from digested passwords

Modified:
    tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java

Modified: tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java?rev=790405&r1=790404&r2=790405&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java Wed Jul  1 22:13:33 2009
@@ -1419,10 +1419,10 @@
 
         boolean validated = false;
         if (hasMessageDigest()) {
-            // iPlanet support if the values starts with {SHA1}
+            // Some directories prefix the password with the hash type
             // The string is in a format compatible with Base64.encode not
             // the Hex encoding of the parent class.
-            if (password.startsWith("{SHA}")) {
+            if (password.startsWith("{MD5}") || password.startsWith("{SHA}")) {
                 /* sync since super.digest() does this same thing */
                 synchronized (this) {
                     password = password.substring(5);



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message