Dear tomcat Community I am using cross context (which seems to be easy to configure but in in tomcat 8 hard to run) … so today I downloaded tomcat 9 and I migrated my apps to it. In tomcat 9 cross context is running smoothly (thank you!)
To authenticate my config is using JDBCRealm with a mysql database. The config
below ran very well with tomcat 8 but on tomcat 9 accepted only the password
digests (which are stored in the table tomcat_users) directly instead of the
usual passwords. It seems that the digest algorithm MD5 be here not executed.
The config in server.xml is
<Realm className="org.apache.catalina.realm.JDBCRealm"
connectionName=“..." connectionPassword=“..."
connectionURL="jdbc:mysql://127.0.0.1:3306/TOM" digest="MD5"
driverName="org.gjt.mm.mysql.Driver" roleNameCol="role_name"
userCredCol="password" userNameCol="user_name"
userRoleTable="tomcat_users_roles" userTable="tomcat_users"/>
The authentication method is FORM for an application and DIGEST for the
corresponding API. Both apps sees each other in a cross context.
web.xml of the application contains:
<login-config>
<auth-method>FORM</auth-method>
<realm-name>NAME</realm-name>
<form-login-config>
<form-login-page>/WEB-INF/security/protected/login.jsp</form-login-page>
<form-error-page>/WEB-INF/security/protected/error.jsp</form-error-page>
</form-login-config>
</login-config>
What shell I do in order to have with the FORM authentication again a digest
password input? Do I have any possibility to debug it (although I should not…) ?
Thank you in advance
Regards
Fabio
signature.asc
Description: Message signed with OpenPGP using GPGMail
