tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Holger de Wall <...@lkv-sh.de>
Subject Re: help: want to encrypt Tomcat user passwords
Date Tue, 27 Jan 2004 12:14:00 GMT
Hy,

> I am using jdbcrealm to store the username and passwords in the Oracle 9I
> database. But th passwords are stored as plain Texts. I want to encrypt the
> passwords. How can I do it? Is there any InBuilt feature in Tomcat?

look at 
http://localhost:8080/tomcat-docs/realm-howto.html#Digested%20Passwords
for creating encrypted passwords on STDOUT.

then alter the table users:
alter table users add user_md5 varchar(255,20);

insert the encrypted password from STDOUT

put the 'digest'-attribute in the Realm-section and change the attribute 
userCredCol:
<Realm	className="org.apache.catalina.realm.JDBCRealm"
	debug="99"
	driverName="yourOracle-driver"
        connectionURL="yourAuthorityDb;"
	connectionName="tomcat"
	connectionPassword="tomcat"
	userTable="users"
	userNameCol="user_name"
	userCredCol="user_md5"
	userRoleTable="user_roles"
	roleNameCol="role_name"
        digest="MD5" />



-- 
Holger de Wall
LKV-SH, Steenbeker Weg 151, Kiel 24106
Tel.   : +049 431-33987-38
Fax   : +049 431-33987-20


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message