Issue jetty#2039 - Updated documentation examples.

Baqend · Dec 13, 2017 · ce819b5 · ce819b5
1 parent 8665348
commit ce819b5
Showing 1 changed file with 29 additions and 15 deletions.
diff --git a/jetty-documentation/src/main/asciidoc/configuring/security/secure-passwords.adoc b/jetty-documentation/src/main/asciidoc/configuring/security/secure-passwords.adoc
@@ -26,11 +26,6 @@ The drawback of the obfuscation algorithm is that it protects passwords *from ca
 
 When the stored password is compared to one a user enters, the handling code can apply the same algorithm that secures the stored password to the user input and compare results, making password authentication more secure.
 
-____
-[NOTE]
-When using the `DIGEST` method in tandem with an MD5 hash, you must hash the entire `user:realm:password` string or you will encounter issues with authenticating.
-____
-
 The class `org.eclipse.jetty.util.security.Password` can be used to generate all varieties of passwords.
 
 Run it without arguments to see usage instructions:
@@ -43,15 +38,16 @@ Usage - java org.eclipse.jetty.util.security.Password [<user>] <password>
 If the password is ?, the user will be prompted for the password
 ....
 
-For example, to generate a secured version of the password "blah" for the user "me":
+For example, to generate a secured version of the password `password` for the user `username`:
 
 [source, screen, subs="{sub-order}"]
 ....
-$ java -cp lib/jetty-util-{VERSION}.jar org.eclipse.jetty.util.security.Password me blah
-blah
-OBF:20771x1b206z
-MD5:639bae9ac6b3e1a84cebb7b403297b79
-CRYPT:me/ks90E221EY
+$ java -cp ../lib/jetty-util-{VERSION}.jar org.eclipse.jetty.util.security.Password username password
+2017-12-13 11:19:27.928:INFO::main: Logging initialized @95ms to org.eclipse.jetty.util.log.StdErrLog
+password
+OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v
+MD5:5f4dcc3b5aa765d61d8327deb882cf99
+CRYPT:usjRS48E8ZADM
 ....
 
 If using a external tool to create/verify the MD5 hash (such as `md5sum` or `md5`), be sure to verify a carriage return (CR) or new line is not added.
@@ -60,12 +56,30 @@ For example:
 [source, screen, subs="{sub-order}"]
 ....
 //With a CR included
-$ echo Jetty | md5sum
-bca10872e52ccc5c4a22bf23ef4d5843 *-
+$ echo password | md5sum
+286755fad04869ca523320acce0dc6a4 *-
 
 //Using the `-n` option to exclude a new line from being added.
-$ echo -n Jetty | md5sum
-95dd2e7e150f2e8a04c35a78cb15b3e5 *-
+$ echo -n password | md5sum
+5f4dcc3b5aa765d61d8327deb882cf99 *-
+....
+
+____
+[IMPORTANT]
+When using the `DIGEST` method in tandem with an MD5 hash, you must hash the entire `user:realm:password` string or you will encounter issues with authenticating.
+____
+
+[source, screen, subs="{sub-order}"]
+....
+$ java -cp ../lib/jetty-util-9.4.7.v20170914.jar org.eclipse.jetty.util.security.Password username username:realm:password
+2017-12-13 11:34:33.263:INFO::main: Logging initialized @97ms to org.eclipse.jetty.util.log.StdErrLog
+username:realm:password
+OBF:1w281yf41v1x1z7e1xmi1v1p1tvv1v901c3j1x8k1ugo1ri71uh21x8a1c3j1v9m1tv71v2p1xms1z7o1v2h1yf21w1a
+MD5:66999343281b2624585fd58cc9d36dfc
+CRYPT:usulxZfApLefk
+
+$ echo -n username:realm:password | md5sum
+66999343281b2624585fd58cc9d36dfc *-
 ....
 
 You can now cut and paste whichever secure version you choose into your configuration file or Java code.