Hi, I am a relative newbiw to Tomcat.
The manager application works with BASIC authentication (default configuration), after making appropriate user and role entries in conf/tomcat-users.xml file. However, when I change BASIC to DIGEST as shown below: Default web.xml for "manager": ... <login-config> <auth-method>BASIC</auth-method> <realm-name>Tomcat Manager Application</realm-name> </login-config> ... Modified web.xml for "manager": ... <login-config> <auth-method>DIGEST</auth-method> <realm-name>Tomcat Manager Application</realm-name> </login-config> ... It doesn't work. I get the login prompt in my browser ( I tried both IE6.0 and Netscape 7.0 ) with the right realm string, but after entering the user name and the password, the prompt appers again. I am appending the HTTP dump (captured using a home grown interceptor tool ): ================================================= [HTTP] C --> S (370 bytes) GET /manager/html HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms- powerpoint, application/vnd.ms-excel, application/msword, application/x-shockwav e-flash, */* Accept-Language: en-us Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: localhost:8079 Connection: Keep-Alive [HTTP] C <-- S (412 bytes) HTTP/1.1 401 Unauthorized Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT WWW-Authenticate: Digest realm="Tomcat Manager Application", qop="auth", nonce=" bf3c8fa05f1260f6a9d4299d3b882339", opaque="03758823e3b14892bb4dc34ef834fa13" Content-Type: text/html Content-Language: en-US Transfer-Encoding: chunked Date: Sun, 05 Jan 2003 08:49:24 GMT Server: Apache Coyote/1.0 [HTTP] C <-- S (5 bytes) 2ad [HTTP] C <-- S (685 bytes) <html><head><title>Apache Tomcat/4.1.18-LE-jdk14 - Error report</title><STYLE><! --H1{font-family : sans-serif,Arial,Tahoma;color : white;background-color : #008 6b2;} H3{font-family : sans-serif,Arial,Tahoma;color : white;background-color : #0086b2;} BODY{font-family : sans-serif,Arial,Tahoma;color : black;background-co lor : white;} B{color : white;background-color : #0086b2;} HR{color : #0086b2;} --></STYLE> </head><body><h1>HTTP Status 401 - </h1><HR size="1" noshade><p><b>t ype</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>T his request requires HTTP authentication ().</u></p><HR size="1" noshade><h3>Apa che Tomcat/4.1.18-LE-jdk14</h3></body></html> [HTTP] C <-- S (2 bytes) [HTTP] C <-- S (5 bytes) 0 [HTTP] C --> S (683 bytes) GET /manager/html HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms- powerpoint, application/vnd.ms-excel, application/msword, application/x-shockwav e-flash, */* Accept-Language: en-us Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: localhost:8079 Connection: Keep-Alive Authorization: Digest username="pankaj", realm="Tomcat Manager Application", qop ="auth", algorithm="MD5", uri="/manager/html", nonce="bf3c8fa05f1260f6a9d4299d3b 882339", nc=00000001, cnonce="f7710dc1f6683517f0dd8dfd957a50bc", opaque="0375882 3e3b14892bb4dc34ef834fa13", response="8d3c122778ae3d95564f61a2238c8f51" [HTTP] C <-- S (412 bytes) HTTP/1.1 401 Unauthorized Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT WWW-Authenticate: Digest realm="Tomcat Manager Application", qop="auth", nonce=" d13c9c9d094919b14030f3bff72edc6b", opaque="bd29cf774ee39e6a3cc1c396293be208" Content-Type: text/html Content-Language: en-US Transfer-Encoding: chunked Date: Sun, 05 Jan 2003 08:49:34 GMT Server: Apache Coyote/1.0 [HTTP] C <-- S (697 bytes) 2ad <html><head><title>Apache Tomcat/4.1.18-LE-jdk14 - Error report</title><STYLE><! --H1{font-family : sans-serif,Arial,Tahoma;color : white;background-color : #008 6b2;} H3{font-family : sans-serif,Arial,Tahoma;color : white;background-color : #0086b2;} BODY{font-family : sans-serif,Arial,Tahoma;color : black;background-co lor : white;} B{color : white;background-color : #0086b2;} HR{color : #0086b2;} --></STYLE> </head><body><h1>HTTP Status 401 - </h1><HR size="1" noshade><p><b>t ype</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>T his request requires HTTP authentication ().</u></p><HR size="1" noshade><h3>Apa che Tomcat/4.1.18-LE-jdk14</h3></body></html> 0 ================================================= Any help would be most appreciated. /Pankaj Kumar Home Page: http://www.pankaj-k.net Web Log: http://www.pankaj-k.net/weblog -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>