Dear tomcat Community I am using cross context (which seems to be easy to configure but in in tomcat 8 hard to run) … so today I downloaded tomcat 9 and I migrated my apps to it. In tomcat 9 cross context is running smoothly (thank you!)
To authenticate my config is using JDBCRealm with a mysql database. The config below ran very well with tomcat 8 but on tomcat 9 accepted only the password digests (which are stored in the table tomcat_users) directly instead of the usual passwords. It seems that the digest algorithm MD5 be here not executed. The config in server.xml is <Realm className="org.apache.catalina.realm.JDBCRealm" connectionName=“..." connectionPassword=“..." connectionURL="jdbc:mysql://127.0.0.1:3306/TOM" digest="MD5" driverName="org.gjt.mm.mysql.Driver" roleNameCol="role_name" userCredCol="password" userNameCol="user_name" userRoleTable="tomcat_users_roles" userTable="tomcat_users"/> The authentication method is FORM for an application and DIGEST for the corresponding API. Both apps sees each other in a cross context. web.xml of the application contains: <login-config> <auth-method>FORM</auth-method> <realm-name>NAME</realm-name> <form-login-config> <form-login-page>/WEB-INF/security/protected/login.jsp</form-login-page> <form-error-page>/WEB-INF/security/protected/error.jsp</form-error-page> </form-login-config> </login-config> What shell I do in order to have with the FORM authentication again a digest password input? Do I have any possibility to debug it (although I should not…) ? Thank you in advance Regards Fabio
signature.asc
Description: Message signed with OpenPGP using GPGMail