tags:

views:

86

answers:

1

I'm trying to get a digest password setup for the tomcat manager application.

I've got

<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
             resourceName="UserDatabase" digest="MD5"/>

in my tomcat server.xml changed the manager web application's web.xml to use digest and changed the realm name to TESTING:

<login-config>
    <auth-method>DIGEST</auth-method>
    <realm-name>TESTING</realm-name>
  </login-config>

I then used the included bat file to generate the md5 hash:

C:\tomcat6\bin>digest.bat -a MD5 tomcat:TESTING:testor
tomcat:TESTING:testor:1926e50988667dbd5deda9df02b82f28

I then have a user in tomcat-users.xml with that digested hash as a password:

<!-- testor -->
  <user username="tomcat" password="1926e50988667dbd5deda9df02b82f28" roles="manager"/>

I've also modifed the 401.jsp page to use digest and TESTING as the realm name.

I start up the web app, go to http://localhost:8080/manager/html and am prompted with the standard form. Typing in tomcat as the user, and testor as the password, I hit enter only to get a 401. I of course try again and again get a 401.

I'll probably go with BASIC authentication over SSL in the end since ant can't do digest, as far as I know.

But is there anyway to do this?

A: 

Your question helped me to solve same problem. You should use digest.sh -a MD5 tomcat:UserDatabase:testor

bransky
I'll give it a go in a the next few days and hit my head when it works. Thanks
ClutchDude