I have been searching and searching and trying to get this running, and am running out of time and hair in which to get this done. Has anyone gotten DIGEST authentication working properly in Tomcat 5?
I understand that there is a bug within IE5/IE6 in connecting to apache DIGEST login prompts, but even Firefox will not complete authentication and gives error 401 when trying to login.
Details:
JDBC Realm defined with SHA digest inside <Engine> in server.xml
DIGEST authentication with SHA algorithm defined in <login-config> of application's web.xml with <security-container> defined encompassing application pages.
Actions and Results (using Firefox):
- Set the SHA definition in both Realm and login-config. Try DIGEST login => Error 401.
- Set SHA definition in Realm, but set BASIC authentication in login-config. Try BASIC login => Server takes login information in plaintext, but digests password before sending to database. Login successful.
- Set BASIC authentication in Realm but SHA DIGEST in login-config. Try DIGEST login => Error 401.
Can anyone shed some light on this, please?
TIA.