Hello, I believe I am running tomcat 8.0 (although when I call the getServerInfo() method of the implicit ServletContext Object It tells me that I am running on 7.54)
I configured my realm element in my context.xml file as follows (based on the howto guide: https://tomcat.apache.org/tomcat-8.0-doc/realm-howto.html): <Realm className="org.apache.catalina.realm.DataSourceRealm" debug="99" dataSourceName="jdbc/board" localDataSource="true" userTable="test_user" userNameCol="Email" userCredCol="HashedPassword" userRoleTable="test_user_role" roleNameCol="Role"> <CredentialHandler className="MessageDigestCredentialHandler" algorithm="SHA-1" iterations="1000" saltLength="48"/> </Realm> However, despite the password being stored in the format described in your "how to" manual (ie:{salt}${iterations}${password}), authentication fails. I assume that this is because something in my <Realm> configuration is wrong. I was not able to find an answer on online help forums. I also couldn't find a way to call the initialized DataSourceRealm Object's digest method when inputting the HashedPassword (ie: I had to calculate salt and hash on my own using the SHA-1 algorithm). Perhaps this also has something to do with why authentication is failing? Thank you