Hello, Last ping hoping to get some help. Thanks
On Wed, Nov 8, 2017 at 10:19 PM, Philippe Mouawad < p.moua...@ubik-ingenierie.com> wrote: > Hello, > Any feedback on this ? > Thanks > > On Sun, Nov 5, 2017 at 9:16 PM, Philippe Mouawad < > p.moua...@ubik-ingenierie.com> wrote: > >> Hello, >> I am having issues making Digest auth work in Tomcat 8.5.23 for manager >> application. >> >> I have done the following: >> >> 1) Edit server.xml and have set MessageDigestCredentialHandler with >> SHA-256 >> <Realm className="org.apache.catalina.realm.LockOutRealm"> >> <!-- This Realm uses the UserDatabase configured in the global >> JNDI >> resources under the key "UserDatabase". Any edits >> that are performed against this UserDatabase are immediately >> available for use by the Realm. --> >> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" >> resourceName="*UserDatabase*"> >> <CredentialHandler className="org.apache.catalina >> .realm.MessageDigestCredentialHandler" algorithm="*SHA-256*" /> >> </Realm> >> </Realm> >> >> 2) Generated password using: >> ./digest.sh -a *SHA-256* -h >> org.apache.catalina.realm.MessageDigestCredentialHandler >> -i 1 -s 0 password1234 >> >> I also tried : >> ./digest.sh -a SHA-256 -h >> org.apache.catalina.realm.MessageDigestCredentialHandler >> -i 1 -s 0 tomcat:UserDatabase:password1234 >> >> 3) Set the last part of password following "password1234:" in >> tomcat-users.xml >> <role rolename="manager-gui"/> >> <role rolename="admin"/> >> <role rolename="manager"/> >> <user username="tomcat" password="b9c950640e1b3740e98a >> cb93e669c65766f6670dd1609ba91ff41052ba48c6f3" >> roles="manager-gui,admin,manager"/> >> >> 4) Edit /webapps/manager/WEB-INF/web.xml >> >> <login-config> >> <auth-method>DIGEST</auth-method> >> <realm-name>UserDatabase</realm-name> >> </login-config> >> >> I then try to login to http://localhost:8080/manager/html and enter >> admin and password1234 >> it fails. >> >> There must be something I am missing. >> >> Sorry if I misread some documentation or if my question is stupid, these >> are the docs I have seen: >> - https://tomcat.apache.org/tomcat-8.5-doc/config/credentialha >> ndler.html#MessageDigestCredentialHandler Note the start of this part is >> not that clear for me. I think my format is >> *salt$iterationCount$encodedCredential* - a hex encoded salt, iteration >> code and a hex encoded credential, each separated by $ >> >> I have also tried solutions described here without success: >> - http://www.techpaste.com/2013/05/enable-password-encryption- >> policy-tomcat-7/ >> - https://stackoverflow.com/questions/39967289/how-to-use-dige >> st-authentication-in-tomcat-8-5 >> - https://stackoverflow.com/questions/2978884/tomcat-digest-wi >> th-manager-webapp >> >> Regards >> Philippe >> > > > > -- > Cordialement. > Philippe Mouawad. > Ubik-Ingénierie > > UBIK LOAD PACK Web Site <http://www.ubikloadpack.com/> > > UBIK LOAD PACK on TWITTER <https://twitter.com/ubikloadpack> > > -- Cordialement. Philippe Mouawad. Ubik-Ingénierie UBIK LOAD PACK Web Site <http://www.ubikloadpack.com/> UBIK LOAD PACK on TWITTER <https://twitter.com/ubikloadpack>