tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 51966] Tomcat does not support ssha hashed passwords in all contexts
Date Sat, 01 Feb 2014 17:27:14 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=51966

Gabriel <gabrielesanchez@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |gabrielesanchez@gmail.com

--- Comment #14 from Gabriel <gabrielesanchez@gmail.com> ---
I am relatively new to Tomcat.  Has any progress been made on this issue?  I
would like to use Tomcat with DataSourceRealm for a web application but am not
willing to store user passwords without salting them, preferably with
arbitrarily sized salt.  I am surprised that this hasn't been addressed and
that fixing the issue is not a priority.  Are there alternatives I am not aware
of that people are using, and is that why adding support for salt is not a
priority?

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message