Author: markt
Date: Wed Mar 21 10:00:52 2012
New Revision: 1303338
URL: http://svn.apache.org/viewvc?rev=1303338&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=52953
When using DIGEST auth, digests are always represented using lower case hex
characters
Modified:
tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1303338&r1=1303337&r2=1303338&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Wed Mar 21
10:00:52 2012
@@ -27,6 +27,7 @@ import java.security.NoSuchAlgorithmExce
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
+import java.util.Locale;
import javax.servlet.http.HttpServletResponse;
@@ -381,7 +382,8 @@ public abstract class RealmBase extends
String qop, String realm,
String md5a2) {
- String md5a1 = getDigest(username, realm);
+ // In digest auth, digests are always lower case
+ String md5a1 = getDigest(username, realm).toLowerCase(Locale.ENGLISH);
if (md5a1 == null)
return null;
String serverDigestValue;
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
