tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: [tomcat]How to decrypt the DIGEST authentication?
Date Thu, 01 Nov 2007 10:05:45 GMT
zhongliang zhang wrote:
> Thanks  a lot.I think I got another way to solve the group hierarchical problem,but I
am not sure about it. maybe you can help me to confirm it:I wrote the SQL as followed:create
or replace view groupview asselect         usertable.username,        decode(usertable.locked,0,'Authorizers','UnAuthorizers')
as groupnamefrom        usertablewhere in the usertable there is a field named locked that
indicates whether the user is locked. so now I can allow everyone in the database to login
to the system if the user is Authorizers,and I judge the user's role.The reason I do so is
because there are existed API for doing all these and there are more than thousand users in
the database,though the userid and groupid never be the same.Now I got another problem,the
password stored in the database is encrypted,which is a common way,but the encrypting method
is not using some sql script but SHA.So,How can I parse the clear-text that  I input to SHA
password and then compare with that sto
red
>   in the database? Is there a way that I can capture the clear-text password and using
SHA to encode it then compare it with the password stored in the database?

http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#Digested%20Passwords

Mark

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message