svn commit: r1633584 - in /tomcat/trunk: java/org/apache/catalina/realm/RealmBase.java webapps/docs/realm-howto.xml

Wed, 22 Oct 2014 02:55:39 -0700 

Author: markt
Date: Wed Oct 22 09:54:39 2014
New Revision: 1633584

URL: http://svn.apache.org/r1633584
Log:
Switch the default character set for command line digesting of passwords from 
UTF-8 to the system encoding as per kkolinko's review comment.

Modified:
    tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
    tomcat/trunk/webapps/docs/realm-howto.xml

Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1633584&r1=1633583&r2=1633584&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Wed Oct 22 
09:54:39 2014
@@ -1387,16 +1387,17 @@ public abstract class RealmBase extends 
 
     // --------------------------------------------------------- Static Methods
 
-
     /**
-     * Digest password using the algorithm specified and
-     * convert the result to a corresponding hex string.
-     * If exception, the plain credentials string is returned
+     * Digest password using the algorithm specified and convert the result to 
a
+     * corresponding hex string.
+     *
+     * @param credentials Password or other credentials to use in 
authenticating
+     *                    this username
+     * @param algorithm   Algorithm used to do the digest
+     * @param encoding    Character encoding of the string to digest
      *
-     * @param credentials Password or other credentials to use in
-     *  authenticating this username
-     * @param algorithm Algorithm used to do the digest
-     * @param encoding Character encoding of the string to digest
+     * @return The digested credentials as a hex string or the original plain
+     *         text credentials if an error occurs.
      */
     public static final String Digest(String credentials, String algorithm,
                                       String encoding) {
@@ -1433,8 +1434,9 @@ public abstract class RealmBase extends 
      *                 credential. If not specified a default of SHA-512 will 
be
      *                 used.</li>
      * <li><b>-e</b> - The encoding to use for any byte to/from character
-     *                 conversion that may be necessary. If not specified, a
-     *                 default of UTF-8 will be used.</li>
+     *                 conversion that may be necessary. If not specified, the
+     *                 system encoding ({@link Charset#defaultCharset()}) will
+     *                 be used.</li>
      * <li><b>-i</b> - The number of iterations to use when generating the
      *                 stored credential. If not specified, the default for the
      *                 CredentialHandler will be used.</li>
@@ -1456,11 +1458,12 @@ public abstract class RealmBase extends 
      * <li>{@link MessageDigestCredentialHandler}</li>
      * <li>{@link SecretKeyCredentialHandler}</li>
      * </ul>
+     * @param args The parameters passed on the command line
      */
     public static void main(String args[]) {
 
         String algorithm = "SHA-512";
-        String encoding = "UTF-8";
+        String encoding = Charset.defaultCharset().name();
         int saltLength = -1;
         int iterations = -1;
         int keyLength = -1;

Modified: tomcat/trunk/webapps/docs/realm-howto.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/realm-howto.xml?rev=1633584&r1=1633583&r2=1633584&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/realm-howto.xml (original)
+++ tomcat/trunk/webapps/docs/realm-howto.xml Wed Oct 22 09:54:39 2014
@@ -189,8 +189,8 @@ techniques are supported:</p>
 <li>If you are writing an application that needs to calculate digested
     passwords dynamically, call the static <code>Digest()</code> method of the
     <code>org.apache.catalina.realm.RealmBase</code> class, passing the
-    cleartext password and the digest algorithm name as arguments.  This
-    method will return the digested password.</li>
+    cleartext password, the digest algorithm name and the encoding as 
arguments.
+    This method will return the digested password.</li>
 <li>If you want to execute a command line utility to calculate the digested
     password, simply execute
 <source>CATALINA_HOME/bin/digest.[bat|sh] -a {algorithm} 
{cleartext-password}</source>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to