tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Larry Meadors <larry.mead...@gmail.com>
Subject Re: How to get user's password from tomcat
Date Sat, 04 Jun 2005 22:06:07 GMT
Since we're talking tomcat, you can generally cast the principle to
generic principle:
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/catalina/docs/api/org/apache/catalina/realm/GenericPrincipal.html

It has a getPassword() method.

I do not know if that password gets hashed...it never was with any of
the realms i have used.

Larry

On 6/4/05, Digby <lists@digby.net> wrote:
> I'm not sure you're supposed to be able to get it. Also, what would you
> expect to get if the password was hashed?
> 
> Can you not just read the password from the database / ldap source?
> 
> Digby
> 
> 
> Larry Meadors wrote:
> > The principle may contain it, but you would have to get it via
> > reflection or cast it to it's original type to see it.
> >
> > Larry
> >
> >
> > On 6/2/05, Jo <jojada@speedlegal.com> wrote:
> >
> >>Hi all,
> >>
> >>Once Tomcat has authenticated a login, we can get the the authenticated
> >>user's name from the request's getRemoteUser() or getUserPrincipal()
> >>methods.
> >>Is there a way to get the user's password when the authentication type is
> >>form-based or single-sign-on ?
> >>
> >>Thanks a lot.
> >>Jo.-
> >>
> >>
> >>---------------------------------------------------------------------
> >>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> >>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >>
> >>
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
>

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message