This week's giveaway is in the Spring forum.
We're giving away four copies of REST with Spring (video course) and have Eugen Paraschiv on-line!
See this thread for details.
The moose likes Tomcat and the fly likes base64 encoding for digests Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of REST with Spring (video course) this week in the Spring forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "base64 encoding for digests" Watch "base64 encoding for digests" New topic

base64 encoding for digests

sujen maharjan

Joined: Jun 20, 2009
Posts: 2
the default encoding used for digest passwords in HEX in tomcat and glassfish as well, whereas it base64 in JBoss. I don't see the place where I can define the encoding for digest passwords as base64.
Can anyone help?

thanks in advance
sujen maharjan

Joined: Jun 20, 2009
Posts: 2
Hello ,
when I specify the digest algorithm for password in the datasource realm as "MD5 as below

<Realm className="org.apache.catalina.realm.DataSourceRealm" debug="99" localDataSource="true" digest="MD5 ......... />"

the digest password so generated is encoded in "HEX" by default.
But I want this to be encoded in "BASE64".
There is an option in JBoss to specify the hashEncoding along with hashAlgorithm as below:

<application-policy name ="........">
<login-module code = "" flag = "required">
<module-option name = "unauthenticatedIdentity">guest</module-option>
<module-option name="password-stacking">useFirstPass</module-option>
<module-option name = "dsJndiName">java:/jdbc/LoginDs</module-option>
<module-option name="principalsQuery">select passwd as PASSWORD from users where user_name=?</module-option>
<module-option name="rolesQuery">select role_name as Role, 'Roles' from user_roles where user_name=?</module-option>
<module-option name="hashAlgorithm">MD5</module-option>
<module-option name="hashEncoding">base64</module-option>

There is "digestEncoding" attribute in Realm but I don't think I can specify the hashEncoding value "BASE64" in this attribute.

Is there any way that I can specify the encoding as base64 in tomcat for digest password?

I agree. Here's the link:
subject: base64 encoding for digests
It's not a secret anymore!