For my own growth, I am attempting a very simple exercise: To implement digest authentication for
tomcat's manager app, the better to apply the lessons to production code.
So I have modified the server set up as follows:
server.xml:
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase" digest="md5" />
I then modify manager's web.xml as follows:
<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>DIGEST</auth-method>
<realm-name>
TESTING</realm-name>
<!-- <realm-name>Tomcat Manager Application</realm-name> -->
</login-config>
Next, I generate an MD5 password of the following form:
C:\apache-tomcat-6.0.26\bin>digest -a MD5 pendell:TESTING:password
pendell:TESTING:password:3e62d753e47e1278a74c0d7565dbb254
and plug it into tomcat-users.xml as follows:
<role rolename="manager"/>
<user username="pendell" password="3e62d753e47e1278a74c0d7565dbb254" roles="manager"/>
This doesn't work. I get an error 401 -- invalid access -- when I attempt to log onto the page.
I must be doing something wrong, but internet research has failed to turn up the answer.
Again, I am using apache 6.0.26. Is this a known issue? Does the problem go away in version 7?
Respectfully,
Brian P.