Filip, your correct, the digest is one way
Thanks for response, Kevin -----Original Message----- From: Filip Hanik - Dev Lists [mailto:[EMAIL PROTECTED] Sent: 13 November 2008 17:01 To: Tomcat Users List Subject: Re: Encrypting database resouce password if you digest the password to the database, how is tomcat supposed to pass it to the database? Filip Kevin Nash wrote: > Hello, > > I'm using apache-tomcat-5.5.26, Oracle 10.2.0.3, java version "1.5.0_14" > > > I have a data resource defined in the server.xml and I wish to create a > digest of the database > password. > > <Resource name="jdbc/oracle" auth="Container" type="javax.sql.DataSource" > username="username" > password="plaintxt" > driverClassName="oracle.jdbc.driver.OracleDriver" > url="jdbc:oracle:thin:@hostname:1522:databasename" > maxActive="20" maxIdle="10"> > </Resource> > > I was wondering is it possible to do this in a similar fashion to creating > a digest of the passwords in the tomcat-users.xml file > > 1. Create password digest using SHA > $ ./digest.sh -a SHA password > password:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 > > 2. Update the password in tomcat-users.xml > <user username="tomcat" password="5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8" > roles="tomcat,manager"/> > > 3. Update the server.xml > <Realm className="org.apache.catalina.realm.UserDatabaseRealm" > resourceName="UserDatabase" digest="SHA" /> > > > I've searched for a solution for encrypting the data resource password and > I've come across > the following solutions. > > 1. Manage the connection pool in the application not the application server. > > 2. Authenticate using the application, i.e. set auth="Application" > > 3. Or extends BasicDataSourceFactory to accept an encrypted password. > > These solutions are described in this interesting article > http://java.sys-con.com/node/393364/print > > I was wondering is there a fourth solution as simple as creating digests of > passwords > for users in the tomcat-users.xml file? > > Thanks for your help, > > Kevin Nash > > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
