svn commit: r1348296 - in /tomcat/tc6.0.x/trunk/webapps/docs: changelog.xml realm-howto.xml

Fri, 08 Jun 2012 18:49:03 -0700 

Author: kkolinko
Date: Sat Jun  9 01:48:39 2012
New Revision: 1348296

URL: http://svn.apache.org/viewvc?rev=1348296&view=rev
Log:
CTR: docs
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=52515
Note that DIGEST auth requires MD5 digests
It is backport of r1236916
Modified:
    tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
    tomcat/tc6.0.x/trunk/webapps/docs/realm-howto.xml

Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1348296&r1=1348295&r2=1348296&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Sat Jun  9 01:48:39 2012
@@ -182,6 +182,11 @@
         environment variable that is passed to the service. (markt)
       </fix>
       <fix>
+        <bug>52515</bug>: Make it clear in the Realm how-to in the 
documentation
+        web application that digested password storage when using DIGEST
+        authentication requires that MD5 digests are used. (markt)
+      </fix>
+      <fix>
         <bug>52641</bug>: Remove mentioning of ldap.jar from docs.
         Patch provided by Felix Schumacher. (rjung)
       </fix>

Modified: tomcat/tc6.0.x/trunk/webapps/docs/realm-howto.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/realm-howto.xml?rev=1348296&r1=1348295&r2=1348296&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/realm-howto.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/realm-howto.xml Sat Jun  9 01:48:39 2012
@@ -205,10 +205,10 @@ java org.apache.catalina.realm.RealmBase
 </ul>
 
 <p>If using digested passwords with DIGEST authentication, the cleartext used
-   to generate the digest is different. In the examples above
-   <code>{cleartext-password}</code> must be replaced with 
-   <code>{username}:{realm}:{cleartext-password}</code>. For example, in a
-   development environment this might take the form
+   to generate the digest is different and the digest must use the MD5
+   algorithm. In the examples above <code>{cleartext-password}</code> must be
+   replaced with <code>{username}:{realm}:{cleartext-password}</code>. For
+   example, in a development environment this might take the form
    <code>testUser:Authentication required:testPassword</code>. The value for
    <code>{realm}</code> is taken from the <code>&lt;realm-name&gt;</code>
    element of the web application's <code>&lt;login-config&gt;</code>. If



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to