On 10/03/2016 21:40, Jason Overland wrote:
> Chris,
>
> On Thu, Mar 10, 2016 at 6:18 AM, Christopher Schultz
> <ch...@christopherschultz.net> wrote:
>> Give this patch a try:
>> ...
>> I have no idea how the options get parsed; we'll see if this simple
>> implementation will get you going again.
>>
>> -chris
>>
>
> The parsing is working correctly. After applying the patch I could
> login successfully. Then I added digest=SHA to jaas.config and it
> stopped working ("wrong password").
>
> On further inspection I found that our CallbackHandler was digesting
> the password before passing it back to the JAASMemoryModule, however
> CredentialHandler expects inputCredentials to be plaintext. So I
> commented out the part of our CallbackHandler that digests the
> password and now it's working. That seems ok to me.
>
> So I think this patch is sufficient to get us going again. Thanks for
> the quick turnaround. If this patch looks good to everyone, do you
> think it can make it into the next Tomcat patch release?
Great. I've been testing a patch along the same lines locally and see
the same results. I'll get it committed before the next 8.0.x release.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
