tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From DIGLLOYD INC <digllo...@diglloyd.com>
Subject Tomcat 6 DIGEST auth
Date Tue, 22 Apr 2008 16:05:53 GMT
I've read this doc:
http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#Digested%20Passwords

But I cannot get it to authenticate.

I'm putting the digested password for myusers into tomcat-users.xml as  
directed.

One problem is that it's not at all clear what the realm is--

Is the realm the <realm-name> specified in the <login-config> in  
web.xml? (eg "Tomcat Manager Application")  Or something else?  The  
docs (link above) suggest "localhost:80" might be the realm, but that  
makes no sense to me, as this would tie it to a specific port.

  <login-config>
     <auth-method>BASIC</auth-method>
     <realm-name>Tomcat Manager Application</realm-name>
   </login-config>


The book I have -- "Tomcat, The Definitive Guide, 2nd Edition" is in  
conflict with the above documentation, making no mention of digesting  
with the username and realm.  The book suggest doing:
bin/digest.sh -a MD5 user-password

But the tomcat 6 docs referenced above suggest doing:
bin/digest.sh -a MD5 username:realm-name:password

--obviously very different approaches!


Lloyd Chambers
http://diglloyd.com

[Mac OS X 10.5.2 Intel, Tomcat 6.0.16]





---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message