Bug 37984

Summary: JNDIRealm.java not able to handle MD5 password
Product: Tomcat 5 Reporter: Eric Lenio <eric>
Component: CatalinaAssignee: Tomcat Developers Mailing List <dev>
Severity: normal Keywords: PatchAvailable
Priority: P3    
Version: 5.5.12   
Target Milestone: ---   
Hardware: Other   
OS: other   
Attachments: Handle password digests that are prefixed with "{MD5}".

Description Eric Lenio 2005-12-21 05:51:20 UTC
I'm using JNDIRealm to authenticate to OpenLDAP 2.2.28.  Within OpenLDAP I've
configured the userPassword attribute for each user to contain the MD5 digest,
and each is prefixed with the string "{MD5}".  I am not an LDAP expert by any
means but I believe this prefix is a standard convention.  Anyway assuming this
is a convention then JNDIRealm needs to strip off the "{MD5}" portion much like
it does with "{SHA1}".  See attached patch which accomplishes this and I
verified it works in my environment.
Comment 1 Eric Lenio 2005-12-21 05:52:39 UTC
Created attachment 17249 [details]
Handle password digests that are prefixed with "{MD5}".
Comment 2 Mark Thomas 2009-07-01 15:15:50 UTC
Thanks for the patch and sorry for the delay.

This has been applied to trunk and proposed for 6.0.x and 5.5.x
Comment 3 Mark Thomas 2009-07-07 06:38:16 UTC
Fixed in 6.0.x and will be included in 6.0.21 omwards
Comment 4 Mark Thomas 2009-07-07 06:59:55 UTC
This has been fixed in 5.5.x and will be included in 5.5.28 onwards.