Digest

[Maxime Colas des Francs <ma...@sts.ca>]

Hi

In a jsp application i want to calculate digested passowrds dynamically
According to the Realm How To ... i write this code in a jsp :

<% String digest = 
org.apache.catalina.realm.RealmBase.Digest(request.getParameter("password"), 
"MD5"); %>

Here is the result :

	org.apache.jasper.JasperException: Unable to compile class for JSP 
Generated servlet error:
	[...] package org.apache.catalina.realm does not exist [...]
	[javac] 	String digest = 
org.apache.catalina.realm.RealmBase.Digest(request.getParameter("password"), 
"MD5");
	[javac]

How can i fix that ? catalina.jar is not in tomcat classpath ?

thks

Re: Digest

[Tim Funk <fu...@joedog.org>]

Without digging into code, I have no clue. So either I can read the source 
(of how its done in RealmBase) or your can. (And right now, I'm feeling lazy ;) )

I'm guessing org.apache.catalina.util.HexUtils would be what you want.

-Tim

Maxime Colas des Francs wrote:
> 
> Thks for your response !
> 
> But I have now another pb .
> 
> javadoc for org.apache.catalina.realm.RealmBase.Digest() says :
>  ... Digest password using the algorithm especificied and convert the 
> result to a corresponding hex string ...
> 
> So how to convert my base64(MD5()) digest to the correct hex String ?
> I try Integer.toHexString on each byte ... no good.
> 
> MD5 digest for realm auth don't seem to be a simple MD5 digest ..
> 
> At 06:42 2003-08-07 -0400, you wrote:
> 
>> My favorite Base64 library is org.apache.catalina.util.Base64 ;)
>>
>> -Tim
>>


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Digest

[Tim Funk <fu...@joedog.org>]

Without digging into code, I have no clue. So either I can read the source 
(of how its done in RealmBase) or your can. (And right now, I'm feeling lazy ;) )

I'm guessing org.apache.catalina.util.HexUtils would be what you want.

-Tim

Maxime Colas des Francs wrote:
> 
> Thks for your response !
> 
> But I have now another pb .
> 
> javadoc for org.apache.catalina.realm.RealmBase.Digest() says :
>  ... Digest password using the algorithm especificied and convert the 
> result to a corresponding hex string ...
> 
> So how to convert my base64(MD5()) digest to the correct hex String ?
> I try Integer.toHexString on each byte ... no good.
> 
> MD5 digest for realm auth don't seem to be a simple MD5 digest ..
> 
> At 06:42 2003-08-07 -0400, you wrote:
> 
>> My favorite Base64 library is org.apache.catalina.util.Base64 ;)
>>
>> -Tim
>>

Re: Digest

[Maxime Colas des Francs <ma...@sts.ca>]

Thks for your response !

But I have now another pb .

javadoc for org.apache.catalina.realm.RealmBase.Digest() says :
  ... Digest password using the algorithm especificied and convert the 
result to a corresponding hex string ...

So how to convert my base64(MD5()) digest to the correct hex String ?
I try Integer.toHexString on each byte ... no good.

MD5 digest for realm auth don't seem to be a simple MD5 digest ..

At 06:42 2003-08-07 -0400, you wrote:
>My favorite Base64 library is org.apache.catalina.util.Base64 ;)
>
>-Tim
>
>Bill Barker wrote:
>>I agree with Nikola. Firstly, even if you could access Catalina internals,
>>you are calling the wrong method.  You would need to call getDigest(String
>>userName, String Pass).  From the RealmBase code, you probably want
>>something like:
>><%
>>   MessageDigest md = MessageDigest.getInstance("MD5");
>>   String preDigest = request.getParameter("user")+
>>":"+RealmName+request.getParameter("password");
>>   byte [] pwd = md.digest(preDigest.getBytes());
>>   String digest = toBase64(pwd);
>>%>
>>Here, toBase64 is your favorite byte->base64 encoding library.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Digest

[Maxime Colas des Francs <ma...@sts.ca>]

Thks for your response !

But I have now another pb .

javadoc for org.apache.catalina.realm.RealmBase.Digest() says :
  ... Digest password using the algorithm especificied and convert the 
result to a corresponding hex string ...

So how to convert my base64(MD5()) digest to the correct hex String ?
I try Integer.toHexString on each byte ... no good.

MD5 digest for realm auth don't seem to be a simple MD5 digest ..

At 06:42 2003-08-07 -0400, you wrote:
>My favorite Base64 library is org.apache.catalina.util.Base64 ;)
>
>-Tim
>
>Bill Barker wrote:
>>I agree with Nikola. Firstly, even if you could access Catalina internals,
>>you are calling the wrong method.  You would need to call getDigest(String
>>userName, String Pass).  From the RealmBase code, you probably want
>>something like:
>><%
>>   MessageDigest md = MessageDigest.getInstance("MD5");
>>   String preDigest = request.getParameter("user")+
>>":"+RealmName+request.getParameter("password");
>>   byte [] pwd = md.digest(preDigest.getBytes());
>>   String digest = toBase64(pwd);
>>%>
>>Here, toBase64 is your favorite byte->base64 encoding library.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Digest

[Tim Funk <fu...@joedog.org>]

My favorite Base64 library is org.apache.catalina.util.Base64 ;)

-Tim

Bill Barker wrote:
> I agree with Nikola. Firstly, even if you could access Catalina internals,
> you are calling the wrong method.  You would need to call getDigest(String
> userName, String Pass).  From the RealmBase code, you probably want
> something like:
> <%
>   MessageDigest md = MessageDigest.getInstance("MD5");
>   String preDigest = request.getParameter("user")+
> 
> ":"+RealmName+request.getParameter("password");
>   byte [] pwd = md.digest(preDigest.getBytes());
>   String digest = toBase64(pwd);
> %>
> 
> Here, toBase64 is your favorite byte->base64 encoding library.


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Digest

[Tim Funk <fu...@joedog.org>]

My favorite Base64 library is org.apache.catalina.util.Base64 ;)

-Tim

Bill Barker wrote:
> I agree with Nikola. Firstly, even if you could access Catalina internals,
> you are calling the wrong method.  You would need to call getDigest(String
> userName, String Pass).  From the RealmBase code, you probably want
> something like:
> <%
>   MessageDigest md = MessageDigest.getInstance("MD5");
>   String preDigest = request.getParameter("user")+
> 
> ":"+RealmName+request.getParameter("password");
>   byte [] pwd = md.digest(preDigest.getBytes());
>   String digest = toBase64(pwd);
> %>
> 
> Here, toBase64 is your favorite byte->base64 encoding library.

Re: Digest

[Bill Barker <wb...@wilshire.com>]

I agree with Nikola. Firstly, even if you could access Catalina internals,
you are calling the wrong method.  You would need to call getDigest(String
userName, String Pass).  From the RealmBase code, you probably want
something like:
<%
  MessageDigest md = MessageDigest.getInstance("MD5");
  String preDigest = request.getParameter("user")+

":"+RealmName+request.getParameter("password");
  byte [] pwd = md.digest(preDigest.getBytes());
  String digest = toBase64(pwd);
%>

Here, toBase64 is your favorite byte->base64 encoding library.

"Nikola Milutinovic" <Ni...@ev.co.yu> wrote in message
news:003d01c35ca2$f5ad0480$6e3da8c0@ev.co.yu...
> > In a jsp application i want to calculate digested passowrds dynamically
> > According to the Realm How To ... i write this code in a jsp :
> >
> > <% String digest =
> >
org.apache.catalina.realm.RealmBase.Digest(request.getParameter("password"),
> > "MD5"); %>
>
> Isn't there a "Digest" method in some, more public place? JAAS or some
cryptography?
>
> > Here is the result :
> >
> > org.apache.jasper.JasperException: Unable to compile class for JSP
> > Generated servlet error:
> > [...] package org.apache.catalina.realm does not exist [...]
>
> In other words, "javac" has no knowledge of Tomcat's internal classes, as
it shouldn't.
>
> > [javac] String digest =
> >
org.apache.catalina.realm.RealmBase.Digest(request.getParameter("password"),
> > "MD5");
> > [javac]
> >
> > How can i fix that ? catalina.jar is not in tomcat classpath ?
>
> I'd sugest looking for "Digest" in some of the public APIs of Java
platform. That way you will be transparent to the container (IOW, you'll be
able to run your web-app on something other than Tomcat).
>
> Nix.
>

Re: Digest

[Bill Barker <wb...@wilshire.com>]

I agree with Nikola. Firstly, even if you could access Catalina internals,
you are calling the wrong method.  You would need to call getDigest(String
userName, String Pass).  From the RealmBase code, you probably want
something like:
<%
  MessageDigest md = MessageDigest.getInstance("MD5");
  String preDigest = request.getParameter("user")+

":"+RealmName+request.getParameter("password");
  byte [] pwd = md.digest(preDigest.getBytes());
  String digest = toBase64(pwd);
%>

Here, toBase64 is your favorite byte->base64 encoding library.

"Nikola Milutinovic" <Ni...@ev.co.yu> wrote in message
news:003d01c35ca2$f5ad0480$6e3da8c0@ev.co.yu...
> > In a jsp application i want to calculate digested passowrds dynamically
> > According to the Realm How To ... i write this code in a jsp :
> >
> > <% String digest =
> >
org.apache.catalina.realm.RealmBase.Digest(request.getParameter("password"),
> > "MD5"); %>
>
> Isn't there a "Digest" method in some, more public place? JAAS or some
cryptography?
>
> > Here is the result :
> >
> > org.apache.jasper.JasperException: Unable to compile class for JSP
> > Generated servlet error:
> > [...] package org.apache.catalina.realm does not exist [...]
>
> In other words, "javac" has no knowledge of Tomcat's internal classes, as
it shouldn't.
>
> > [javac] String digest =
> >
org.apache.catalina.realm.RealmBase.Digest(request.getParameter("password"),
> > "MD5");
> > [javac]
> >
> > How can i fix that ? catalina.jar is not in tomcat classpath ?
>
> I'd sugest looking for "Digest" in some of the public APIs of Java
platform. That way you will be transparent to the container (IOW, you'll be
able to run your web-app on something other than Tomcat).
>
> Nix.
>




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Digest

[Nikola Milutinovic <Ni...@ev.co.yu>]

> In a jsp application i want to calculate digested passowrds dynamically
> According to the Realm How To ... i write this code in a jsp :
> 
> <% String digest = 
> org.apache.catalina.realm.RealmBase.Digest(request.getParameter("password"), 
> "MD5"); %>

Isn't there a "Digest" method in some, more public place? JAAS or some cryptography?

> Here is the result :
> 
> org.apache.jasper.JasperException: Unable to compile class for JSP 
> Generated servlet error:
> [...] package org.apache.catalina.realm does not exist [...]

In other words, "javac" has no knowledge of Tomcat's internal classes, as it shouldn't.

> [javac] String digest = 
> org.apache.catalina.realm.RealmBase.Digest(request.getParameter("password"), 
> "MD5");
> [javac]
> 
> How can i fix that ? catalina.jar is not in tomcat classpath ?

I'd sugest looking for "Digest" in some of the public APIs of Java platform. That way you will be transparent to the container (IOW, you'll be able to run your web-app on something other than Tomcat).

Nix.