On 09/10/2016 22:24, Steinar Cook wrote: > Tomcat version: 9.0.0.M10 > JDK: 1.8.0_45-b14 > > Operating system: Mac OS X "El Capitan" version 10.11.6 > > I have configured a SecretKeyCredentialHandler inside my Realm: > > <CredentialHandler > className="org.apache.catalina.realm.SecretKeyCredentialHandler" /> > > I am using a DataSourceRealm, which works for plaintext passwords and plain > MD5 hash'ed passwords. > > When switching to SecretKeyCredentialHandler I can no longer log in. > > The password was created using digest.sh like so: > > bin/digest.sh -a PBKDF2WithHmacSHA1 -h \ > > org.apache.catalina.realm.SecretKeyCredentialHandler ringo1 > > Which gave: > ringo1:33ad888cfe318597595149e0e23cc3fc795c0860261880cf1b1c39131f564e9e$20000$a4615c11201f2bcab83f5d576eb782b24be40e4d > > > I stored the "33ad88....4d" in the password column in the database. > > Attempting to access the resource fails (401). > > I am using BASIC authentication. > > How do I generate a password which will be recognized by > SecretKeyCredentialHandler?
You have followed the correct process above. I've just checked that password locally with a UserDatabaseRealm and it works. In your shoes I'd be firing up Eclipse and remote debugging my way through the authentication process to see what is going wrong. One possibility is that the database has truncated the password value. It shouldn't have done that silently but I'd recommend checking just to be sure. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
