tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dirk Brockmann <>
Subject digesting passwords with the admin tool
Date Mon, 29 Sep 2003 11:21:49 GMT
Hi List,
I have just installed tomcat-4.1.27 and everything is working
well. For security reasons I was trying to use MD5-digested passwords
by means of the digest="MD5" keyword in the Memory Realm.
Placing a digested password in the tomcat-user.xml file I can 
authenticate myself
for example to use the manager and admin webapps.
However, if I use the admin tool in order to add a new user
the password associated with the new user is written
into the tomcat-user.xml file in clear text and consequently
the new user cannot authenticate because digest="MD5" is defined
in the Realm. Is there any way I can tell the admin tool
to digest the passwords and then write them into the file.
Any help would be greatly appreciated.

View raw message