[JDEV] 0K Authentication

Iain Shigeoka iainshigeoka at yahoo.com
Fri Oct 12 10:21:19 CDT 2001

At 09:48 PM 10/11/2001 -0700, you wrote:
>I finally got it working!  You know what the problem was?  Apparently the 
>algorithm was fine, but your answer took out one issue that I didn't have 
>to worry about...  However, it triggered another issue that I never 
>thought about...
>Hashing lowercase hex is all good.. But also I have to return the final 
>hash result in lowercase back to the server... Apparently, the server will 
>not lowercase it first before starting to apply the hash..
>I lowercased the final hash and sent it back to the server and it accepted it!
>So just curious, should the server side at least implement a function such 
>that the returned hash should be case insensitive rather than case 
>sensitive?  (And probably mention this in the JEP too)... I think the 
>server should accomodate this and lowercase the authentication hash 
>received from the client before hashing..
>What do you think?

I would agree.  Hex numbers are (should be) case insensitive.  if the 
server can't accept upper case hex numbers I think it is a server bug.


Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

More information about the JDev mailing list