tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "jay n gaba" <jayg...@rediffmail.com>
Subject Re: RE: Digest authentication problem
Date Mon, 18 Feb 2002 14:50:50 GMT

hi
i am facing the same problem. there is a problem while using the digest authentication mode.
it seems the password format return by ldap,in my case netscape directory structure, is different
than one used by the digest class of tomcat.netscape uses base64 encoding while tomcat uses
some hash functionality. so the authentication fails. 

solving this is in the to do list. if u wish there are 2 ways to solve it urself.
1. make changes to JNDIRealm class. 
2. binding user to ldap using bind authentication, which i am not very clear. I am trying
to search on this.

regards
jay

ps: check previous mail archives for more details.

On Mon, 18 Feb 2002 Meurant , Gerald wrote :
> I forgot to mention that it´s a tomcat 4.01 .
> 
> -----Mensaje original-----
> De: Meurant , Gerald [mailto:gerald.meurant@mad.tecsidel-
> .es]
> Enviado el: lunes, 18 de febrero de 2002 13:23
> Para: tomcat-user@jakarta.apache.org
> Asunto: Digest authentication problem
> 
> 
> Hi,
> 
> I have a tomcat server using a JNDI-Realm to 
> authenticate against a LDAP
> server. It works fine when using the BASIC 
> authentication mode, but it
> doesn´t work when specifying the DIGEST authentication 
> mode.
> There´s no error message in tomcat, neither in the LDAP 
> server, so I used a
> sniffer to watch the network traffic and the 
> communication between the 2
> servers : there´s no communication !!
> So I think the problem has its origin in tomcat. I post 
> the realm
> description of the server.xml (I replaced the lines 
> that specified my ldap
> server, the connection works in basic mode anyway) : 
> 
> 	<Realm className="org.apache.catalina.realm.JNDIRealm" 
> debug="4"
> 	connectionName="cn=administrador"
> 	connectionPassword="mypassword"
> 	connectionURL="ldap://myserver:389"
> 	roleBase="dc=roles,o=artic,c=es"
> 	roleName="cn"
> 	roleSearch="(uniqueMember={0})"
> 	roleSubtree="false"
> 	userPassword="userPassword"
> 	userPattern="cn={0},o=artic,c=es"
> 	digest="MD5"
> 	/>
> 
> I would really apreciate any help, my searches on the 
> net and in the doc are
> not giving me any result. Is the realm descriptor 
> correct ? Thanks.
> 
> Gerald.
> 
> 
> --
> To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakart-
> a.apache.org>
> For additional commands: <mailto:tomcat-user-help@jakart-
> a.apache.org>
> Troubles with the list: <mailto:tomcat-user-owner@jakart-
> a.apache.org>
> 
> --
> To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakart-
> a.apache.org>
> For additional commands: <mailto:tomcat-user-help@jakart-
> a.apache.org>
> Troubles with the list: <mailto:tomcat-user-owner@jakart-
> a.apache.org>
> 
 


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message