Thanks Andrew,
But,I'm using XML to store my whole data (this is requirement
of the product)
We are not at all using any database.
So with this regard, would u like to comment something
more ?
Also can u suggest some resource for
: creating my own cutomized "authentication module" ?
Thanks in advance.
Regards,
-Amit.
----- Original Message -----
Sent: Wednesday, March 07, 2001 3:37
PM
Subject: Re: Form Based Authentication
with Encryption
Hi Amit, I'm using 3.2 so details
may vary. What you want to do is write your own authentication
module. Easier than it sounds. Just take a copy of the authentication
module you are using (SimpleRealm?) to use as a base for your own code. Add
in the functionality you want, compile and include in
TOMCAT_HOME/lib/webserver.jar Edit server.xml to use your custom
authentication module. Also, I'd recommend you look at JDBCRealm so that
you can store usernames and passwords in a database. Quite apart from the
other advantages you may then be able to take advantage of the db's
encryption facilities (e.g. MySql's Password function) and save
yourself the bother of writing your own.
Hope this
helps Andrew
On Wed, 07 Mar 2001, you wrote: > > Hi
All, > > I'm using tomcat 4.0 Beta1. > I successfully tested
out the form based authentication provided with tomcat. > >
But , the main problem with it is : It uses plain text to store
users,roles and passwords > in the "tomcat-users.xml"
file placed in TOMCAT_HOME\conf. > > Is there any plugin for
tomcat to encrypt the passwords stored in this file ? > or is there
any round-about to do so. > > Thanking you in
advance. > > With Regards, > -Amit >
E-Mail:[EMAIL PROTECTED] > Sansui Software Pvt.
Ltd.,Pune
|