So I set up jdbcRealm and a small test app that successfully logged me in. It
recognized the groups I set up in the database etc. When I created the
security realm in glassfish I added MD5 to the digest authentication field.
But I noticed when checking the http headers on the client I saw no "nonce"
attributes. See the FORMAUTH_no-nonce... file attached. When I switch to
DIGEST authentication in web.xml, I see a nonce in the http header on the
client. The problem is I can't then used form based logins and have an ugly
popup login from the browser. See the DIGESTAUTH_nonce... file attached. How
would I get digest authentication using jdbcRealm and FORM based
authentication to do http Digest Authentication with the client browser on
Glassfish 3.1.2? I know it has to be there somewhere but I would appreciate a
leg up to figure this out. Do I have to manually code this in order to make
it work. It seems odd if this were the case since there is a built in
mechanism already (which unfortunately doesn't seem to include a form based
login supporting custom forms). I have seen someone mention a
jdbcDigestRealm, but don't see that anywhere in the glassfish source. Is this
from an earlier version or do you suspect it is from some customized
implementation? Any help appreciated. Regards, BillR
--
[Message sent by forum member 'billick']
View Post: http://forums.java.net/node/884786