tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: Www-authenticate ...
Date Mon, 21 Dec 2009 12:34:05 GMT
insi wrote:
> Hi,
> 
> My tomcat server is sending www-authenticate (digest) header but the header
> doesn't contain the algorithm field, which one is choosen by default?
MD5
> How do I specify it to use particular algorithm (sha1/md5)?

In short, you can't.
See HTTP 2616 and 2617.
Theoretically, you could, via the optional "Authentication-Info" header 
indicated in RFC2617. But in the practice, to my knowledge, browsers 
support only Digest with MD5, so it doesn't really help.



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message