tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Tomcat 9 realm datasource digest attribute
Date Tue, 14 Jun 2016 19:45:05 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hardibo,

On 6/11/16 2:24 PM, Hardibo Pierre-Jean wrote:
> yes finally i puted that inside of my Realm Tag :
> 
> <CredentialHandler
> 
> className="org.apache.catalina.realm.MessageDigestCredentialHandler"
>  algorithm="md5"  / >

That will work.

However you can do much better than using MD5 for password storage.

Please help us stamp-out the use of MD5 worldwide for password
storage, and more to more secure password storage.

http://people.apache.org/~schultz/ApacheCon%20NA%202016/Seamless%20Upgra
des%20for%20Credential%20Security%20in%20Apache%20Tomcat.pdf

I'll try to get that onto the Tomcat site.

- -chris

> Le 11/06/2016 20:21, Felix Schumacher a écrit :
>> 
>> Am 10. Juni 2016 22:12:02 MESZ, schrieb Hardibo Pierre-Jean 
>> <contact@hardibopj.com>:
>>> Hello, it seems realm's digest attribute is depreciated in
>>> tomcat9, how
>>> 
>>> can i replace it ? (MD5) thanks
>> I think you are looking for the nested component
>> CredentialHandler ( 
>> http://tomcat.apache.org/tomcat-9.0-doc/config/credentialhandler.html
>> ).
>> 
>> Chris gave a talk about them at the last apache con.
>> 
>> Regards, Felix
>> 
>>> --------------------------------------------------------------------
- -
>>>
>>> 
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>> 
>> ---------------------------------------------------------------------
>>
>> 
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>> 
> 
> 
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAldgXsEACgkQ9CaO5/Lv0PA5nQCdFBZspk23PhDx53PO++MPjFjE
1uUAn1IYpZ7rnMdCogHz+1nh4l6CfoTi
=f1go
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message