tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ralph Einfeldt" <ralph.einfe...@uptime-isc.de>
Subject AW: Digested Passwords and Oracle 8.1.7
Date Wed, 23 Oct 2002 08:16:32 GMT
That solution is not recommended:

- Connecting for each user counteracts
  the use of connection pools. For most 
  databases connecting to a db takes much 
  more time than performing a select on a 
  given connection.

- To implement this you have to implement your 
  own realm, as the db realm that is delivered 
  with tomcat assumes that user, password and 
  roles are store in tables and are accessed 
  through a unique database user for all requests.

- Each user needs an own database account.

> -----Urspr√ľngliche Nachricht-----
> Von: jattwood@hgmp.mrc.ac.uk [mailto:jattwood@hgmp.mrc.ac.uk]
> Gesendet: Mittwoch, 23. Oktober 2002 09:46
> An: tomcat-user@jakarta.apache.org
> Betreff: RE: Digested Passwords and Oracle 8.1.7
> 
> You could get Oracle to do the work for you by trying to connect
> to your database with the user's login name and password. If yu
> succeed then the password was valid, otherwise it isn't. That way
> you don't need to know the encryption algorithm.
> 

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message