DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14817>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14817 JNDIRealm SHA digest implementation incorrect Summary: JNDIRealm SHA digest implementation incorrect Product: Tomcat 4 Version: 4.1.12 Platform: PC OS/Version: Windows NT/2K Status: NEW Severity: Normal Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] I tried to setup Tomcat with user authentication using JNDIRealm and a commercial Siemens MetaDirectory Directory Server. Like Netscape Directory Server, the server stores SHA hashed password using the format: userPassword: {SHA}qZk+NkcGgWq6PiVxeFDCbJzQ2J0= See also http://developer.netscape.com/docs/technote/ldap/pass_sha.html. The password is prefixed with the algorithm and Base64 encoded. The same format is used also by OpenLDAP (ldappasswd). In contrast to this format the Catalina implementation (JNDIRealm.java/RealmBase.java) tries to compare a SHA password using a simple HEX encoding (HexUtils.convert), which of course fails with the mentioned LDAP servers. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
