DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21529>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21529 Bug in org.apache.catalina.authenticator.DigestAuthenticator Summary: Bug in org.apache.catalina.authenticator.DigestAuthenticator Product: Tomcat 4 Version: 4.1.24 Platform: All OS/Version: All Status: UNCONFIRMED Severity: Blocker Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] line 317: qop = removeQuotes(currentTokenValue); needs to be: qop = currentTokenValue; I was using the Tomcat 4.1.24 code as an example for Digest Authentication and discovered that the hashes weren't matching in my code. Since "auth" was being stripped to "ut", the hashes were screwed up. I checked the RFC 2617 spec http://asg.web.cmu.edu/rfc/rfc2617.html#sec-3.5 and qop doesn't have quotes. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]