Re: DIGEST authentication; Does it work??

2005-03-23 Thread Mark Leone
ce the word digest is in tags, and I think they are trying to indicate this is a key word you can use in the tag. Let us know if this works for you. |)ave -Original Message----- From: Mark Leone [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 1:53 AM To: Tomcat Users List Subject: R

Re: DIGEST authentication; Does it work??

2005-03-23 Thread Mark Leone
his works for you. |)ave -Original Message- From: Mark Leone [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 1:53 AM To: Tomcat Users List Subject: Re: DIGEST authentication; Does it work?? So at 3:00 AM I decided to read the Basic and Digest Access Authentication spec (RFC

Re: DIGEST authentication; Does it work??

2005-03-23 Thread Mark Leone
us know if this works for you. |)ave -Original Message- From: Mark Leone [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 1:53 AM To: Tomcat Users List Subject: Re: DIGEST authentication; Does it work?? So at 3:00 AM I decided to read the Basic and Digest Access Authenticatio

RE: DIGEST authentication; Does it work??

2005-03-23 Thread David Owens
To: Tomcat Users List Subject: Re: DIGEST authentication; Does it work?? So at 3:00 AM I decided to read the Basic and Digest Access Authentication spec (RFC 2617), and it says that MD5 is the default hash algorithm. I had previously seen that Tomcat wasn't sending any response he

Re: DIGEST authentication; Does it work??

2005-03-23 Thread Mark Leone
So at 3:00 AM I decided to read the Basic and Digest Access Authentication spec (RFC 2617), and it says that MD5 is the default hash algorithm. I had previously seen that Tomcat wasn't sending any response headers explicitly specifying the hash algorithm, even though I had specified SHA in the

Re: DIGEST authentication; Does it work??

2005-03-22 Thread Mark Leone
I found a silly classpath error that fixed the problem using RealmBase. I didn't realize that my system still had environment variable %catalina_home% pointing to an old tomcat 4.1.24 directory. So when I opened a command window to generate digest values I was executing RealmBase in tomcat 4.1.

Re: DIGEST authentication; Does it work??

2005-03-22 Thread Mark Leone
Okay, I was using 5.5.7. So I just downloaded the source and built 5.5.8, and things got worse. Digest authentication is not working for me. I believe I've set everything up correctly. Using an HTTP monitor I see a 401 response coming back from Tomcat with a www-authenticate header whose parame

Re: DIGEST authentication; Does it work??

2005-03-22 Thread Mark Thomas
Yes it does. I tested this extensively with both IE and Firefox. Any combination of the following is OK: Auth: BASIC, FORM, DIGEST Realm: Memory, UserDatabase, JDBC, DataSource Passwords: Cleartext, digested There is a complication when using digested passwords with the di

DIGEST authentication; Does it work??

2005-03-21 Thread Mark Leone
I'm trying to use DIGEST authentication with Tomcat, and it doesn't seem to work. I found some articles with Google about IE implementing DIGEST authentication in a way that only worked with MS servers, and I assume that hasn't been corrected. But I'm also using Firefox with the same results as