I think it supports digest authentication. However I
can not make it works even in the simplest case. I
have a basic tomcat 5 installation with one of my web
application. I'd like to use digest authentication(I
do not send password to server in clear text).
The configuration is like this
<security-constraint>
    <web-resource-collection>
      <web-resource-name>The Entire Web
Application</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>tomcat</role-name>
    </auth-constraint>
  </security-constraint>

  <login-config>
    <auth-method>DIGEST</auth-method>
    <realm-name>Tomcat Supported Realm</realm-name>
  </login-config>

  <security-role>
    <description>
      An example role defined in
"conf/tomcat-users.xml"
    </description>
    <role-name>tomcat</role-name>
  </security-role>

However, it does not work. I always get 403 (access is
denied error). If I use BASIC authentication,
everything works fine. I searched the mail list. It
seemed other people also has this problem. However
there is no any solution posted for it.
Have anyone get digest authentication works?If anyone
does, what extra step/caution should I takes?

Thanks


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to