Outside the Cube (31)
Web publishing (134)
About this site
Links to us
General :: Linux
General Linux help.
This list is sorted by recent document popularity (not total page views).
New documents will first appear at the bottom.
Generated 0:00:38 on Oct 29, 2020
How to store Tomcat JDBCRealm passwords encrypted
Question: I am using Tomcat's JDBCRealm to store user names, passwords and roles in a mysql database. The passwords are stored in clear text. How can I change this?
Answer: This is quite easy. Below you see the definition of your realm in tomcat/conf/server.xml
You probably do not have the line that says
Add this line and tomcat expects passwords to be stored as an MD5 hash of the original password.
You also need to update any code that you have that inserts/ updates users and passwords. If you choose MD5 as suggested in the example, you can use mysql's built-in MD5() function.
insert into users(username,password) values ("mike",md5("secret"))
<Realm className="org.apache.catalina.realm.JDBCRealm" driverName="org.gjt.mm.mysql.Driver"
userTable="users" userNameCol="username" userCredCol="password"
|Most recent comments