You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "KUMAR,PANKAJ (HP-Cupertino,ex1)" <pa...@hp.com> on 2003/01/05 09:54:57 UTC
Tomcat 4.1.18: Digest authentication not working?
Hi,
I am a relative newbiw to Tomcat.
The manager application works with BASIC authentication (default
configuration), after making appropriate user and role entries in
conf/tomcat-users.xml file.
However, when I change BASIC to DIGEST as shown below:
Default web.xml for "manager":
...
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Tomcat Manager Application</realm-name>
</login-config>
...
Modified web.xml for "manager":
...
<login-config>
<auth-method>DIGEST</auth-method>
<realm-name>Tomcat Manager Application</realm-name>
</login-config>
...
It doesn't work. I get the login prompt in my browser ( I tried both IE6.0
and Netscape 7.0 ) with the right realm string, but after entering the user
name and the password, the prompt appers again.
I am appending the HTTP dump (captured using a home grown interceptor tool
):
=================================================
[HTTP] C --> S (370 bytes)
GET /manager/html HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/vnd.ms-
powerpoint, application/vnd.ms-excel, application/msword,
application/x-shockwav
e-flash, */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Host: localhost:8079
Connection: Keep-Alive
[HTTP] C <-- S (412 bytes)
HTTP/1.1 401 Unauthorized
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
WWW-Authenticate: Digest realm="Tomcat Manager Application", qop="auth",
nonce="
bf3c8fa05f1260f6a9d4299d3b882339", opaque="03758823e3b14892bb4dc34ef834fa13"
Content-Type: text/html
Content-Language: en-US
Transfer-Encoding: chunked
Date: Sun, 05 Jan 2003 08:49:24 GMT
Server: Apache Coyote/1.0
[HTTP] C <-- S (5 bytes)
2ad
[HTTP] C <-- S (685 bytes)
<html><head><title>Apache Tomcat/4.1.18-LE-jdk14 - Error
report</title><STYLE><!
--H1{font-family : sans-serif,Arial,Tahoma;color : white;background-color :
#008
6b2;} H3{font-family : sans-serif,Arial,Tahoma;color :
white;background-color :
#0086b2;} BODY{font-family : sans-serif,Arial,Tahoma;color :
black;background-co
lor : white;} B{color : white;background-color : #0086b2;} HR{color :
#0086b2;}
--></STYLE> </head><body><h1>HTTP Status 401 - </h1><HR size="1"
noshade><p><b>t
ype</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b>
<u>T
his request requires HTTP authentication ().</u></p><HR size="1"
noshade><h3>Apa
che Tomcat/4.1.18-LE-jdk14</h3></body></html>
[HTTP] C <-- S (2 bytes)
[HTTP] C <-- S (5 bytes)
0
[HTTP] C --> S (683 bytes)
GET /manager/html HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/vnd.ms-
powerpoint, application/vnd.ms-excel, application/msword,
application/x-shockwav
e-flash, */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Host: localhost:8079
Connection: Keep-Alive
Authorization: Digest username="pankaj", realm="Tomcat Manager Application",
qop
="auth", algorithm="MD5", uri="/manager/html",
nonce="bf3c8fa05f1260f6a9d4299d3b
882339", nc=00000001, cnonce="f7710dc1f6683517f0dd8dfd957a50bc",
opaque="0375882
3e3b14892bb4dc34ef834fa13", response="8d3c122778ae3d95564f61a2238c8f51"
[HTTP] C <-- S (412 bytes)
HTTP/1.1 401 Unauthorized
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
WWW-Authenticate: Digest realm="Tomcat Manager Application", qop="auth",
nonce="
d13c9c9d094919b14030f3bff72edc6b", opaque="bd29cf774ee39e6a3cc1c396293be208"
Content-Type: text/html
Content-Language: en-US
Transfer-Encoding: chunked
Date: Sun, 05 Jan 2003 08:49:34 GMT
Server: Apache Coyote/1.0
[HTTP] C <-- S (697 bytes)
2ad
<html><head><title>Apache Tomcat/4.1.18-LE-jdk14 - Error
report</title><STYLE><!
--H1{font-family : sans-serif,Arial,Tahoma;color : white;background-color :
#008
6b2;} H3{font-family : sans-serif,Arial,Tahoma;color :
white;background-color :
#0086b2;} BODY{font-family : sans-serif,Arial,Tahoma;color :
black;background-co
lor : white;} B{color : white;background-color : #0086b2;} HR{color :
#0086b2;}
--></STYLE> </head><body><h1>HTTP Status 401 - </h1><HR size="1"
noshade><p><b>t
ype</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b>
<u>T
his request requires HTTP authentication ().</u></p><HR size="1"
noshade><h3>Apa
che Tomcat/4.1.18-LE-jdk14</h3></body></html>
0
=================================================
Any help would be most appreciated.
/Pankaj Kumar
Home Page: http://www.pankaj-k.net
Web Log: http://www.pankaj-k.net/weblog
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>