diff -Nru apache-tomcat-5.5.29-src/container/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java apache-tomcat-5.5.29-src-gil/container/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
--- apache-tomcat-5.5.29-src/container/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java 2010-03-29 15:49:36.000000000 +0200
+++ apache-tomcat-5.5.29-src-gil/container/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java 2010-05-12 07:00:53.000000000 +0200
@@ -99,6 +99,11 @@
/**
+ * Default authentication realm name.
+ */
+ protected static final String REALM_NAME = "Authentication required";
+
+ /**
* The message digest algorithm to be used when generating session
* identifiers. This must be an algorithm supported by the
* java.security.MessageDigest
class on your platform.
diff -Nru apache-tomcat-5.5.29-src/container/catalina/src/share/org/apache/catalina/authenticator/BasicAuthenticator.java apache-tomcat-5.5.29-src-gil/container/catalina/src/share/org/apache/catalina/authenticator/BasicAuthenticator.java
--- apache-tomcat-5.5.29-src/container/catalina/src/share/org/apache/catalina/authenticator/BasicAuthenticator.java 2010-03-29 15:49:36.000000000 +0200
+++ apache-tomcat-5.5.29-src-gil/container/catalina/src/share/org/apache/catalina/authenticator/BasicAuthenticator.java 2010-05-12 07:02:33.000000000 +0200
@@ -194,9 +194,7 @@
CharChunk authenticateCC = authenticate.getCharChunk();
authenticateCC.append("Basic realm=\"");
if (config.getRealmName() == null) {
- authenticateCC.append(request.getServerName());
- authenticateCC.append(':');
- authenticateCC.append(Integer.toString(request.getServerPort()));
+ authenticateCC.append(REALM_NAME);
} else {
authenticateCC.append(config.getRealmName());
}
diff -Nru apache-tomcat-5.5.29-src/container/catalina/src/share/org/apache/catalina/authenticator/DigestAuthenticator.java apache-tomcat-5.5.29-src-gil/container/catalina/src/share/org/apache/catalina/authenticator/DigestAuthenticator.java
--- apache-tomcat-5.5.29-src/container/catalina/src/share/org/apache/catalina/authenticator/DigestAuthenticator.java 2010-03-29 15:49:36.000000000 +0200
+++ apache-tomcat-5.5.29-src-gil/container/catalina/src/share/org/apache/catalina/authenticator/DigestAuthenticator.java 2010-05-12 07:03:44.000000000 +0200
@@ -406,8 +406,7 @@
// Get the realm name
String realmName = config.getRealmName();
if (realmName == null)
- realmName = request.getServerName() + ":"
- + request.getServerPort();
+ realmName = REALM_NAME;
byte[] buffer = null;
synchronized (md5Helper) {
diff -Nru apache-tomcat-5.5.29-src/container/webapps/docs/changelog.xml apache-tomcat-5.5.29-src-gil/container/webapps/docs/changelog.xml
--- apache-tomcat-5.5.29-src/container/webapps/docs/changelog.xml 2010-03-29 15:49:53.000000000 +0200
+++ apache-tomcat-5.5.29-src-gil/container/webapps/docs/changelog.xml 2010-05-12 07:08:18.000000000 +0200
@@ -1106,6 +1106,11 @@
{cleartext-password}
must be replaced with
{username}:{realm}:{cleartext-password}
. For example, in a
development environment this might take the form
- testUser:localhost:8080:testPassword
.
testUser:Authentication required:testPassword
. The value for
+ {realm}
is taken from the <realm-name>
+ element of the web application's <login-config>
. If
+ not specified in web.xml, the default value of Authentication
+ required
is used.
To use either of the above techniques, the
$CATALINA_HOME/server/lib/catalina.jar
file will need to be