tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sefton, Adam" <Adam.Sef...@plc.cwplc.com>
Subject RE: JDBC BASIC authentication and SSL
Date Tue, 11 Jun 2002 16:14:12 GMT
Cheers Jon,

Yes, I mean that I have enabled https.

Thanks for your help ... this is a bit off-topic, but do you have any pointers on how to enable
SSL connections to an Orcale database (I'm using Oracle 8.1.7)?

Thanks

Adam

-----Original Message-----
From: Jonathan Eric Miller [mailto:jemiller@uchicago.edu]
Sent: 11 June 2002 17:01
To: Tomcat Users List
Subject: Re: JDBC BASIC authentication and SSL


When you say that you configured SSL to work, do you mean you enabled HTTPS?
You may also want to enable SSL for the JDBC connection assuming the
database server is on a different host. The problem there is that many
databases don't support SSL. It depends on which DBMS your using. If you
want the password in the database encrypted, you have to use
digest.bat/digest.sh to generate the hashes and then store those hashes in
the database. You also need to set a property for JDBCRealm telling it which
hash algorithm it is that you're using.

Jon

----- Original Message -----
From: "Sefton, Adam" <Adam.Sefton@plc.cwplc.com>
To: "'Tomcat Users List'" <tomcat-user@jakarta.apache.org>
Sent: Tuesday, June 11, 2002 10:44 AM
Subject: JDBC BASIC authentication and SSL


> I am running Tomcat 4.0.3 standalone on Win2k.
>
> I've configured SSL to work and have JDBC realm authentication working
correctly, with BASIC authentication - is this now encrypted? So any admin
servlet I write to add new users to the database .. will the passwords be
encrypted? Or do I need to reference a method of the Realm class to ensure
that this is correctly encrypted?
>
> Also, does anybody know how to set up a custom error page for login
failure using BASIC authentication method.
>
> Thanks for any answers
>
> Adam
>
>
> **********************************************************************
> This message may contain information which is confidential or privileged.
> If you are not the intended recipient, please advise the sender
immediately
> by reply e-mail and delete this message and any attachments
> without retaining a copy.
>
> **********************************************************************
>
>
> --
> To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>
>


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message