Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-users] MD5 password obfuscation not cooperating
I know HTTP 'Digest' is not recommended for production, but the use case is an internal web service that doesn't rise to requiring certificates, SSL, etc.
Actual deployment is on Tomcat 7, where everything went very smoothly. However, the test framework relies on Jetty 9 under 'gretty' as part of the build process and that's where I ran into problems.
If I setup the realm.properties file to hold the password in plain-text, it works fine, but an MD5 hash does not. I tried generating the hash using both md5sum at the command line and the Apache Tomcat 'digest.sh' tool. Both generate identical results. I placed the hash in the properties file with an 'MD5:' prefix per documentation but it simply does not authenticate.
Since plain-text works, I have to assume the problem is either a Jetty bug or misunderstanding on my part. Would appreciate some input on this problem - thanks! 



--

Back to the top