You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2005/12/21 05:51:21 UTC
DO NOT REPLY [Bug 37984] New: - JNDIRealm.java not able to handle MD5 password
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=37984>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=37984
Summary: JNDIRealm.java not able to handle MD5 password
Product: Tomcat 5
Version: 5.5.12
Platform: Other
OS/Version: other
Status: NEW
Keywords: PatchAvailable
Severity: normal
Priority: P3
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: eric@lenio.net
I'm using JNDIRealm to authenticate to OpenLDAP 2.2.28. Within OpenLDAP I've
configured the userPassword attribute for each user to contain the MD5 digest,
and each is prefixed with the string "{MD5}". I am not an LDAP expert by any
means but I believe this prefix is a standard convention. Anyway assuming this
is a convention then JNDIRealm needs to strip off the "{MD5}" portion much like
it does with "{SHA1}". See attached patch which accomplishes this and I
verified it works in my environment.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 37984] - JNDIRealm.java not able to handle MD5 password
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=37984>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=37984
------- Additional Comments From eric@lenio.net 2005-12-21 05:52 -------
Created an attachment (id=17249)
--> (http://issues.apache.org/bugzilla/attachment.cgi?id=17249&action=view)
Handle password digests that are prefixed with "{MD5}".
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org