Logging into manager using MD5 works in 9.0.73 but now fails in 9.0.74->current
Steps to reproduce.
Step 1. Run C:\tomcat\bin> .\digest.bat -a md5 -s 0 -i 1
tomcat:UserDatabase:nobueno
tomcat:UserDatabase:nobueno:bb6c1c32b9b6df4f707c0e58f2c900e0
Step 2. Use the digest # and place it in tomcat-
@tomcat.apache.org
Subject: Re: CredentialHandler not working for MD5
Peter,
On 11/10/23 13:27, Peter Otto wrote:
> Logging into manager using MD5 works in 9.0.73 but now fails in
> 9.0.74->current
> Steps to reproduce.
>
> Step 1. Run C:\tomcat\bin> .\digest
: users@tomcat.apache.org
Subject: Re: CredentialHandler not working for MD5
Peter,
On 11/10/23 16:30, Peter Otto wrote:
> With 9.0.82, and the latest version 10, I get the same problem.
> So I assume it stopped working since 9.0.74 all the way up to 9.0.82
>
> Removing the Realm Lock
digest equals the
clientDigest, then it works.
The way I understand it, the clientDigest comes from the client entering in the
username/pwd on the popup box.
From: Peter Otto
Date: Monday, November 13, 2023 at 11:05 AM
To: Tomcat Users List
Subject: Re: CredentialHandler not working for MD5
1. Configure BASIC auth with clear-text passwords in the Realm and get
that working.
2. Switch to DIGEST auth with clear-text passwords in the Realm and get
that working.
3. Then configure DIGEST auth and digested passwords in the Realm.
Hi Chris,
Step 1 & 2 work
Step 3 will not work with
Ok thanks.
Got it is now working.
This step was missing.
We didn’t have to do this before.
No mention of having to edit Digest inside context.xml here
https://tomcat.apache.org/tomcat-9.0-doc/realm-howto.html
Tried SHA-256, couldn’t get it to work. But MD5 does.
Thanks again.
This e-mail a
