" How to use MD5 algorithm to provide Authentication in HTTPS ( SSL) Scenario"

" How to use MD5 algorithm to provide Authentication in HTTPS ( SSL) Scenario"

Post by Randall R » Fri, 05 Sep 2003 23:25:49


Narendra,

The MD5 generation built into the Java standard libraries computes the
same value as the Gnu "md5sum" command and that used in Tomcat.

I'm no expert, but I believe there's a standardized definition of the
MD5 sum and all these disparate pieces of software conform to that
specification.

I've personally used the "md5sum" command to generate password strings
for my ".../conf/tomcat-users-xml" file:

% echo -n "notAPassword" | md5sum
99e07302c704b1738de4ed384c499633 *-

Note the "-n" option which, for BASH's built-in "echo" command,
suppresses the trailing newline. This is critical to get the correct
result. If you use a different shell or echo command, be sure to use
the appropriate option to suppress the trailing newline. If you put
the password into a file, the same consideratino applies. The "md5sum"
command processes each byte in the file.

Randall Schulz