tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Caldarale, Charles R" <Chuck.Caldar...@unisys.com>
Subject RE: Digested passwords stored in tomcat-users.xml by admin application?
Date Wed, 22 Jul 2009 22:05:23 GMT
> From: Kurt Heberlein [mailto:kurth@3pardata.com]
> Subject: Digested passwords stored in tomcat-users.xml by admin
> application?
> 
> is there a way to make the admin application 

If you're referring to the admin application that comes with older versions of Tomcat, that's
a dead end.  (Note that you didn't bother to tell us what version of Tomcat you're using.)

> Each new user created gets put in the file with a 
> cleartext password.

What file?  If you're referring to conf/tomcat-users.xml, you should not be using that in
production.  Better to configure a proper <Realm> with some sort of database or LDAP
server behind it:
http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus
for use only by the intended recipient. If you received this in error, please contact the
sender and delete the e-mail and its attachments from all computers.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message