Thanks Mark for your clarifications.
Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Monday, 7 de June de 2021 11:42, Mark Thomas <ma...@apache.org> wrote: > On 07/06/2021 09:56, xcorpius wrote: > > > Hello again! > > Checking the documentation ... Tomcat can create an encrypted password with > > the "digest.sh" tool for application passwords. > > But you cannot create an encrypted password for the DB in the context.xml > > file. The only solution without adding anything is to give restrictive > > permissions to the context.xml file. > > Wouldn't it be the same problem? > > No. > > > Why can't I generate an encrypted password for the database with the > > "digest.sh" tool instead of having to use a customized "factory"? > > Digesting != encrypting. > > Digests are one-way functions. A digested password is no use to a client > that needs to authenticate itself to a server. > > > I think people who develop Tomcat should consider this option. > > Fortunately, the Tomcat committers have a sufficiently sound > understanding of both basic logic and basic cryptography not to waste > their time on such an exercise. > > Mark > > > Thank you very much to all. > > Xcorpius > > Sent with ProtonMail Secure Email. > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > > On Friday, 30 de April de 2021 11:21, xcorpius xcorp...@protonmail.com > > wrote: > > > > > :-) > > > Sent with ProtonMail Secure Email. > > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > > > On Monday, 26 de April de 2021 19:03, jonmcalexan...@wellsfargo.com wrote: > > > > > > > And when that isn't good enough for your senior management, take a look > > > > at the Tomcat Vault in GITHUB. :-) > > > > Dream * Excel * Explore * Inspire > > > > Jon McAlexander > > > > Infrastructure Engineer > > > > Asst Vice President > > > > Middleware Product Engineering > > > > Enterprise CIO | Platform Services | Middleware | Infrastructure > > > > Solutions > > > > 8080 Cobblestone Rd | Urbandale, IA 50322 > > > > MAC: F4469-010 > > > > Tel 515-988-2508 | Cell 515-988-2508 > > > > jonmcalexan...@wellsfargo.com > > > > Upcoming PTO: 10/30/2020, 11/6/2020, 11/13/2020, 11/20/2020, > > > > 11/27/2020, 12/2/2020, 12/4/2020, 12/11/2020, 12/18/2020, 12/28/2020, > > > > 12/29/2020, 12/30/2020, 12/31/2020 > > > > This message may contain confidential and/or privileged information. If > > > > you are not the addressee or authorized to receive this for the > > > > addressee, you must not use, copy, disclose, or take any action based > > > > on this message or any information herein. If you have received this > > > > message in error, please advise the sender immediately by reply e-mail > > > > and delete this message. Thank you for your cooperation. > > > > > > > > > -----Original Message----- > > > > > From: xcorpius xcorp...@protonmail.com.INVALID > > > > > Sent: Monday, April 26, 2021 8:36 AM > > > > > To: users@tomcat.apache.org > > > > > Subject: Re: Question about encrypting database passwords in the > > > > > context.xml file - Tomcat 9 > > > > > Thanks Olaf!!!! > > > > > -------- Mensaje original -------- > > > > > On 26 abr. 2021 14:02, Olaf Kock escribió: > > > > > > > > > > > On 26.04.21 13:10, xcorpius wrote: > > > > > > > > > > > > > Hi, > > > > > > > I wanted to ask about how to encrypt database passwords in the > > > > > > > context.xml file in Tomcat 9. > > > > > > > > > > > > > > > > > > > > > > > > > Hi, > > > > > > please check this article: > > > > > > > > > > https://urldefense.com/v3/https://cwiki.apache.org/confluence/display/ > > > > > TOMCAT/Password;!!F9svGWnIaVPGSwU!5L0cC3jIaCuRm0q1-FYoVLDsuldYO4StHmkrZWg_Y0z1bdU7NM3IWFdkUykL7W_YAFGN4bM$ > > > > > > > > > > > It covers the topic once and for all... > > > > > > Olaf > > > > > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > > > > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > -- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
