Various DIGEST improvements ported from Tomcat 7 This fixed CVE-2012-3439 Apache Tomcat DIGEST authentication weaknesses