Yulius wrote:
Hi,
I'm currently need to do the encryption towards the log files that has been created by the webserver and the webapplication, so that only those who has the password to decrypt the log files can read them.
Huh, why would you need to encrypt those files? Isn't OS access level enough?
I would suggest you run Tomcat under the account T, and give the access to
log files only to the users/groups T, X, Y, Z ...
Is there a way to solve this issue?
I suppose you could write your own logger (extending log4j)
with on-the-fly encryption, but IMHO this is complete waste of time.
Further more your readers would need decryption as well, and you would
need to create some sort of a database for username/password/key mappings,
because your security would be jeopardized pretty soon if you share a
common key.
BTW, MD5 is not encryption algorithm but rather hashing one.
Regards,
Mladen.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
