Chris, I meant to reply to this yesterday.
I can digest a password and use that digested password in the tomcat-users.xml I added an md5 attribute to the user database realm in server.xml and storing the digested password in tomcat-users.xml is working. Is it not supposed to? Based on that I assumed I could digest other passwords as well. Leo -----Original Message----- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Wednesday, March 24, 2010 12:47 PM To: Tomcat Users List Subject: Re: Connecting to a Database -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Leo, On 3/24/2010 1:28 PM, Leo Donahue - PLANDEVX wrote: > I know you can specify digest for a Realm, but I don't see where I can > do that for a Resource. Note that the digest is for hashing passwords during /user/ authentication, not connecting to the database. > Do I need to leave the password of > "javadude" in the Resource in clear text, or can it be a digested > version of "javadude" in clear text in the Resource element? You cannot hash the db password. If you could, how would Tomcat decrypt it to make the connection? > The SQL table of user passwords will be in digest, but I wasn't sure > if I could use a digested password as part of the configuration for > the account that connects to the "authstore" database. Nope. Search the archives for that question being asked repeatedly, or just think about the implications of hashing a password that you want to use later. Then, think about the implications of /two-way/ encryption for a password and I think you'll see that you're just moving the problem somewhere else. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuqbDYACgkQ9CaO5/Lv0PBhHwCgqFQcdHypen2gtOfbtqjhd0IR CNUAoLT3Joi1rTnqvWC0wQ82Hls1zoK9 =uX5k -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
