RE: RealmBase Digest Method

Fri, 24 Oct 2003 19:57:48 -0700 

Thanks Chris - that did the trick!

Rob Abernethy
Dynamic Edge, Inc.

-----Original Message-----
From: Christopher Schultz [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2003 5:35 PM
To: Tomcat Users List
Subject: Re: RealmBase Digest Method

Rob/Thai,

> All you need to do is drop the catalina.jar into:
> /your_webapps/WEB-INF/lib
> 
> and in your web application:
> import org.apache.catalina.realm.RealmBase
> 
> encryptedPassword = RealmBase.Digest("clear_passwd", "MD5");

I'm certainly not an expert, but I figured that putting catalina.jar 
into the webapp's lib directory might be dangerous.

However, writing the code to use Java's built-in MessageDigest class is 
almost as easy. Code follows:

================

import java.security.MessageDigest;

/**
  * @author Chris Schultz
  */
public class Digester
{
     private static final char[] hex = "0123456789abcdef".toCharArray();

     /**
      * Returns a message digest of the specified string using the
      * specified digest algorithm.<p>
      *
      * @param cleartext The cleartext string to be digested.
      * @param algorithm The digest algorithm to use (try
      *        "<code>MD5</code>" or "<code>SHA-1</code>".
      *
      * @return A String of hex characters representing the message
      *         digest of the given cleartext string.
      */
     public static String digest(String cleartext, String algorithm)
         throws Exception
     {
         MessageDigest md = MessageDigest.getInstance(algorithm);

         md.update(cleartext.getBytes()); // Might want to use a
                                          // specific char encoding?

         byte[] digest = md.digest();
         StringBuffer sb = new StringBuffer(2*digest.length);

         for(int i=0; i<digest.length; ++i)
         {
             int high = (digest[i] & 0xf0) >> 4;
             int low  = (digest[i] & 0x0f);

             sb.append(hex[high]);
             sb.append(hex[low]);
         }

         return(sb.toString());
     }
}

========

Hope that helps,
-chris


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to