Re: digest algorithm in BASIC auth
yes!! that´s base64 encoding, you are perfectly right!!! thanks Christopher Schultz-2 wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Antonio, > > On 2/13/2010 3:01 AM, banto wrote: >> I was confused because in the HTTP message exchanges between the browser >> and >> tomcat i saw that tomcat sent back to the browser the realm value. for >> that >> i thought was involved some kind of digest. > > The realm name is present in both BASIC and DIGEST authentication > mechanisms. > > Were you able to get things working? > > - -chris > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.10 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkt2u5cACgkQ9CaO5/Lv0PDxlACfQeCnbfzDtGaK02LwdKwjzh3a > tu4An2QCo/tCLUAWQNLJzy8GKQV0q49J > =cKxS > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > -- View this message in context: http://old.nabble.com/digest-algorithm-in-BASIC-auth-tp27562000p27576143.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: digest algorithm in BASIC auth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Antonio, On 2/13/2010 3:01 AM, banto wrote: > I was confused because in the HTTP message exchanges between the browser and > tomcat i saw that tomcat sent back to the browser the realm value. for that > i thought was involved some kind of digest. The realm name is present in both BASIC and DIGEST authentication mechanisms. Were you able to get things working? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt2u5cACgkQ9CaO5/Lv0PDxlACfQeCnbfzDtGaK02LwdKwjzh3a tu4An2QCo/tCLUAWQNLJzy8GKQV0q49J =cKxS -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: digest algorithm in BASIC auth
hi Chris, thank you very much. I was confused because in the HTTP message exchanges between the browser and tomcat i saw that tomcat sent back to the browser the realm value. for that i thought was involved some kind of digest. Antonio Christopher Schultz-2 wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Antonio, > > On 2/12/2010 6:12 AM, banto wrote: >> my tomcat conf has basic auth and i have a the following in web.xml >> >> >> BASIC >> The HTML Application >> > That is HTTP BASIC AUTH. > >> now i´m seeing that the password during the auth is digested and has >> value. >> >> Authorization: Basic YW50b25pbzpwYXNzd29yZA== >> >> My problem is that i cannot understand where it comes from... > > That's base64(username + ':' + password). Your username is 'antonio' and > your password is 'password' in this case. > >> I´m trying all the combination, i mean i´m digesting >> >> user:realm:password with all of the algorithms but i cannot get that >> value. > > You are confusing the above with HTTP DIGEST AUTH, which requires > md5(user + ':' + realm + ':' + password) > > Along with Konstantin's reference, you should also read this one: > http://en.wikipedia.org/wiki/Http_digest_authentication > > - -chris > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.10 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkt1pxoACgkQ9CaO5/Lv0PCo1gCgoHNO/WVMn7BlX48B1VlavGte > MfYAn3AjZY6XyRHFIg2xBCFL7JEn+k5k > =w9Gu > -END PGP SIGNATURE- > > ------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > -- View this message in context: http://old.nabble.com/digest-algorithm-in-BASIC-auth-tp27562000p27573009.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: digest algorithm in BASIC auth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Antonio, On 2/12/2010 6:12 AM, banto wrote: > my tomcat conf has basic auth and i have a the following in web.xml > > > BASIC > The HTML Application > now i´m seeing that the password during the auth is digested and has value. > > Authorization: Basic YW50b25pbzpwYXNzd29yZA== > > My problem is that i cannot understand where it comes from... That's base64(username + ':' + password). Your username is 'antonio' and your password is 'password' in this case. > I´m trying all the combination, i mean i´m digesting > > user:realm:password with all of the algorithms but i cannot get that value. You are confusing the above with HTTP DIGEST AUTH, which requires md5(user + ':' + realm + ':' + password) Along with Konstantin's reference, you should also read this one: http://en.wikipedia.org/wiki/Http_digest_authentication - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt1pxoACgkQ9CaO5/Lv0PCo1gCgoHNO/WVMn7BlX48B1VlavGte MfYAn3AjZY6XyRHFIg2xBCFL7JEn+k5k =w9Gu -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: digest algorithm in BASIC auth
2010/2/12 banto : > I´m trying all the combination, i mean i´m digesting > > user:realm:password with all of the algorithms but i cannot get that value. > See RFC 2617 or at least http://en.wikipedia.org/wiki/Basic_access_authentication Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
digest algorithm in BASIC auth
Hi all, my tomcat conf has basic auth and i have a the following in web.xml BASIC The HTML Application http://old.nabble.com/digest-algorithm-in-BASIC-auth-tp27562000p27562000.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
