tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <Gunnar.Bost...@tietoenator.com>
Subject Re: Hide Users password when using JMX
Date Tue, 06 May 2008 14:16:07 GMT
Hi,
Thanks for answering.
All "regular" users are in a database with passwords MD5 encoded, but not handled by Tomcat.
The concern I have is the users tomcat and manager that must be in the 
tomcat-users.xml file or don't they?

Regards
Gunnar

 

> -----Ursprungligt meddelande-----
> Från: Caldarale, Charles R [mailto:Chuck.Caldarale@unisys.com] 
> Skickat: den 6 maj 2008 16:03
> Till: Tomcat Users List
> Ämne: RE: Hide Users password when using JMX
> 
> > From: Gunnar.Bostrom@tietoenator.com
> > [mailto:Gunnar.Bostrom@tietoenator.com]
> > Subject: Hide Users password when using JMX
> > 
> > But I don't like that password of Users are revealed.
> 
> To quote from the Tomcat doc:
> 
> "MemoryRealm is a simple demonstration implementation of the 
> Tomcat 6 Realm interface. It is not designed for production use."
> 
> You shouldn't be using the tomcat-users.xml file for any serious work.
> Configure a real <Realm> with a real authentication mechanism.
> 
>  - Chuck
> 
> 
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE 
> PROPRIETARY MATERIAL and is thus for use only by the intended 
> recipient. If you received this in error, please contact the 
> sender and delete the e-mail and its attachments from all computers.
> 
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org To 
> unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message