-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Brian,
Your email was tough to parse-out of the thread, so I'm going to heavily edit-down the text. I hope I didn't miss anything. On 9/25/16 9:06 PM, Paquin, Brian wrote: > I tried using the following in server.xml: <Realm > className="org.apache.catalina.realm.UserDatabaseRealm" > resourceName="UserDatabase"> <CredentialHandler > className="org.apache.catalina.realm.MessageDigestCredentialHandler" > algorithm="SHA-256" iterations=“24680" saltLength="18" /> </Realm> > > And then using: /usr/local/tomcat/bin/digest.sh -a SHA-256 -i 24680 > -s 18 secret_password > > And got back: > secret_password:9618b621a88fcee9c44aa93f39ddb063$58761$8ga9a0896a10f1b 26w91729qfc3786d74ac95223e092faf996500dc532a74905 > > I then added that to my tomcat-users.xml: <user > username=“my_username" > password="9618b621a88fcee9c44aa93f39ddb063$58761$8ga9a0896a10f1b26w917 29qfc3786d74ac95223e092faf996500dc532a74905" > roles=“manager-gui,admin,admin-gui”/> > > After stopping and starting Tomcat, manager asks for credentials > but does not accept them. What have I got wrong? Is it still accepting them if you put the plaintext version of the password into tomcat-users.xml? > (I was hoping to use PBKDF2 but it did not appear that digest.sh > would accept PBKDF2 as an algorithm.) Try using "PBKDF2WithHmacSHA1" as the algorithm. [1] https://tomcat.apache.org/tomcat-8.0-doc/config/credentialhandler.html#S ecretKeyCredentialHandler - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJX6tjUAAoJEBzwKT+lPKRYMDUP/jLzRdR2tjsYAE5oRF87gtq7 AJpxY19s2phoUFq9r5fMX4TL5eKCTqzonvqkwA6PcyOPjqK47lubnJWrHXEnyEFR JCv0HM/8gYuKc5TJBbM2uOMJJhhXlOjmrQNHtwjCNU/pCzHtPfJdmiKDbtG39r/T pWqG/SZrxmxupgPDnGeEEnp4azc5Wml0UP1KEHr+M2OCR2DZugRUi10MoDwPD+uV WQ0suCztjYCU0MB98b6EHTZogl9xpRZaSj4MyAqmzQIr3bbuFAL5R886UEHMrJ0Z ncbt8IqvyBoY6RFN8gqZDzRlCUjYB7mDz0swzU4Qptfvft51qQwgQp1LmZ9TZSfv HKNMp8LOMIigzTwWxX/VrRksXlV+itl94IbbgVOrBLQ3sRMq+bg8uwmgZCY0Q46O AgY4wEra5K4JJntJTSx0ttCrpgwP1r1MNdg8D2dQAPh7QBJ3X0NLApZ5aAnfpYJy ar4iSSEx90meCrsukZcmOicqxaJ63vXbUqYuTTVlVm1N48J61wRMmQuNS2tPoMgH nrPl/67xNwA+4iSe1pu1Hu0GVBPTGdWTgO4tOSupVhjS63OqXDxPOTlANgqGM7xW PCk/gjtwRR4VK3caV7T+hZiHbyGZqyRlAVwA6J9cw0ASS4+1ZQYLwbBB0jOE4y0y akjETJUf5x+5qyq0BWqA =g6Ib -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org