tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jonathan Eric Miller" <>
Subject Password changes only take effect upon restart of Tomcat?
Date Thu, 20 Jul 2000 21:05:15 GMT
I've been playing around with the basic HTTP authentication in Tomcat and it
seems to be working fine.

However, it seems that when you change a user's password in
tomcat-users.xml, it isn't until you restart the server that the password
change takes affect.

I can see why one might take this approach so as to not slow the server down
always re-reading the password file. However, this behavior is different
from Apache Web Server.

Would it be possible to make it so that the file gets re-read when it is

The reason I ask is because I have an application that allows users to
change their passwords through the application itself. Therefore, it isn't
desirable to have to restart the Web server everytime a user changes their

Another feature that would be nice is if the passwords were encrypted using
crypt or MD5 or something. I know I ask a lot! You guys are doing a great
job and I'm sure that you are probably busy working on other things! ;-)


View raw message