Bug 37984

Summary: JNDIRealm.java not able to handle MD5 password
Product: Tomcat 5 Reporter: Eric Lenio <eric>
Component: CatalinaAssignee: Tomcat Developers Mailing List <dev>
Status: RESOLVED FIXED    
Severity: normal Keywords: PatchAvailable
Priority: P3    
Version: 5.5.12   
Target Milestone: ---   
Hardware: Other   
OS: other   
Attachments: Handle password digests that are prefixed with "{MD5}".

Description Eric Lenio 2005-12-21 05:51:20 UTC 
I'm using JNDIRealm to authenticate to OpenLDAP 2.2.28.  Within OpenLDAP I've
configured the userPassword attribute for each user to contain the MD5 digest,
and each is prefixed with the string "{MD5}".  I am not an LDAP expert by any
means but I believe this prefix is a standard convention.  Anyway assuming this
is a convention then JNDIRealm needs to strip off the "{MD5}" portion much like
it does with "{SHA1}".  See attached patch which accomplishes this and I
verified it works in my environment.
Comment 1 Eric Lenio 2005-12-21 05:52:39 UTC 
Created attachment 17249 [details]
Handle password digests that are prefixed with "{MD5}".
Comment 2 Mark Thomas 2009-07-01 15:15:50 UTC 
Thanks for the patch and sorry for the delay.

This has been applied to trunk and proposed for 6.0.x and 5.5.x
Comment 3 Mark Thomas 2009-07-07 06:38:16 UTC 
Fixed in 6.0.x and will be included in 6.0.21 omwards
Comment 4 Mark Thomas 2009-07-07 06:59:55 UTC 
This has been fixed in 5.5.x and will be included in 5.5.28 onwards.