
Re: Digest Authentication Problem: msg#00020

java.jetty.general

Subject: Re: Digest Authentication Problem

Greg Wilkins <gregw <at> mortbay.com> writes:

>
> Jie,
>
> The problem is that the Digest authentication mechanism needs the server to
> have a copy of the password in the clear - so it can regenerate the MD5 hash
> of the digest nonce etc.
>
> If you store the password as an MD5 hash, then the plain text password cannot
> be recovered to run the Digest hash algorithm.
>
> Try using a realm that stores the password as plain text - yes this is a
> security problem - but not of Jetty's making!
>
> cheers
>
>

John Hamilton told me I should change the password to OBF:**** to get Digest
Authentication to work, because an MD5-hashed password cannot be recovered by
Jetty, as you said. Thanks for the help!

Jie
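
The check described in this thread, as an added example that is not part of the original messages or of Jetty's code: a server recomputes the RFC 2617 digest response (the form without qop) from whatever credential it has stored, so a one-way MD5 of the password fails where a recoverable password succeeds. It goes slightly beyond the thread by also showing a stored HA1 value; the user name, realm, password, nonce and all function names are constructed for illustration.

```python
import hashlib
import hmac

def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def ha1(user: str, realm: str, secret: str) -> str:
    # RFC 2617: HA1 = MD5(username ":" realm ":" password)
    return md5_hex(f"{user}:{realm}:{secret}")

def response(ha1_hex: str, nonce: str, method: str, uri: str) -> str:
    # RFC 2617 without qop: response = MD5(HA1 ":" nonce ":" HA2)
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1_hex}:{nonce}:{ha2}")

def server_verify(kind, stored, user, realm, nonce, method, uri, received) -> bool:
    """Check a client's response against one stored credential form."""
    if kind == "plain":    # cleartext (or reversibly obfuscated) password
        expected_ha1 = ha1(user, realm, stored)
    elif kind == "md5":    # only MD5(password) is stored: the password itself
        # is gone, so the hash is the only input left to feed into HA1
        expected_ha1 = ha1(user, realm, stored)
    elif kind == "ha1":    # MD5(user:realm:password) stored directly
        expected_ha1 = stored
    else:
        raise ValueError(f"unknown credential kind: {kind}")
    expected = response(expected_ha1, nonce, method, uri)
    return hmac.compare_digest(expected, received)

def demo() -> dict:
    # Constructed sample values, not taken from the thread.
    user, realm, password = "alice", "Example Realm", "correct horse"
    nonce, method, uri = "5f3c0a9e1b7d4c22", "GET", "/protected/index.html"
    # Client side: the browser knows the real password.
    sent = response(ha1(user, realm, password), nonce, method, uri)
    stores = {
        "plain": password,
        "md5": md5_hex(password),
        "ha1": ha1(user, realm, password),
    }
    return {kind: server_verify(kind, stored, user, realm, nonce, method, uri, sent)
            for kind, stored in stores.items()}

if __name__ == "__main__":
    print(demo())
```

A stored HA1 is enough on its own to produce valid responses for that realm, so it needs the same protection as the password it was derived from.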


