Open padcom opened 9 years ago
From MALfunct...@gmail.com on December 12, 2013 08:53:03
Hopefully this is possible using Spring Security.
Summary: HTTP-Digest Authentication doesn't work (was: HTTP-Digest-Authentication broken in psi-probe, but working in Tomcat Manager)
Status: Accepted
From ne...@metawerx.net on November 26, 2013 13:30:01
What steps will reproduce the problem? 1. Set up and verify a working HTTP-Digest-Authentication setup, including a manager user with a hashed password in tomcat-users.xml to verify Digest-Authentication is working first (steps detailed on Tomcat site)
HTTP/1.1 401 Unauthorized Cache-Control: private Expires: Thu, 01 Jan 1970 10:00:00 EST WWW-Authenticate: Digest realm="PSI Probe", qop="auth", nonce="1111111111111:abababababababababababababababab", opaque="23598295820985092859025895152251" Content-Type: text/html;charset=utf-8 Content-Language: en Content-Length: 951 Date: Tue, 26 Nov 2013 12:23:16 GMT Server: Server
However, even through the client sends back the correct user/password combination, they cannot authenticate.
The same user works on Tomcat Manager with Digest Auth enabled.
I was able to make it work by:
It would be great if this was fixed so that psi-probe could be used as a replacement for Tomcat Manager in more secure environments.
Keep up the great work! Best Regards, Neale Rudd Metawerx Pty Ltd
Original issue: http://code.google.com/p/psi-probe/issues/detail?id=383