This is a kind of funny (sorry) "battle of the bulge" problem.
Malicious systems administrators (we assume everyone is guilty and it
drives this kind of issue) will find the password to your database,
and, ignoring everything else on the machine they just exploited, will
go and query your
On 16/09/2019 07:24, Olaf Kock wrote:
>
> On 16.09.19 06:05, Mohan T wrote:
>> Hi,
>>
>> We are using tomcat 8.5.35, on Red Hat Enterprise Linux Server release 7.4.
>>
>> Is it possible to encrypt or mask passwords that is being used in the
>> datasource for connecting to database. I am
On 16.09.19 08:24, Olaf Kock wrote:
> If someone has access to the old Wiki's information, it'd be a great
> page to restore.
>
"Do you really want to send this mail?" - "Of course" - "so be it" - m(
Facepalm:
It takes the steps above to think of a way of accessing the old content:
Here it is,
On 16.09.19 06:05, Mohan T wrote:
> Hi,
>
> We are using tomcat 8.5.35, on Red Hat Enterprise Linux Server release 7.4.
>
> Is it possible to encrypt or mask passwords that is being used in the
> datasource for connecting to database. I am mentioning the credentials in
> server.xml
There used
om TPMs, Smart Cards, networked sources, etc.
v/r,
Jason Pyeron
> -Original Message-
> From: Mohan T
> Sent: Monday, September 16, 2019 12:05 AM
> To: users@tomcat.apache.org
> Subject: [tomcat-users] Password encryption in Tomcat 8.5.35
>
> Hi,
>
> We are u
Hi,
We are using tomcat 8.5.35, on Red Hat Enterprise Linux Server release 7.4.
Is it possible to encrypt or mask passwords that is being used in the
datasource for connecting to database. I am mentioning the credentials in
server.xml
Thanks
Mohan
DISCLAIMER: This communication contains
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Harri,
On 5/26/17 3:32 AM, Pesonen, Harri wrote:
> It is possible to use Windows certificate store like this:
>
> keyAlias="..." keystoreFile="" keystoreType="Windows-My"
> maxThreads="150" port="8443"
>
: server.xml password encryption instead of plain text
I haven't tested it yet, but if you're on a Windows platform you MAY be
able to tell Tomcat to use the Windows Certificate Store (an thus NOT have
a password in server.xml) by adding something like this to the Java
Options:
-Djavax.net.ssl.trustS
te in
> Windows user's personal certificates. Then you don't need to enter password
> at all.
>
> -Harri
>
> -Original Message-
> From: John Palmer [mailto:johnpalm...@gmail.com]
> Sent: 25. toukokuuta 2017 17:01
> To: Tomcat Users List <users@tomcat.apache.org
...@gmail.com]
Sent: 25. toukokuuta 2017 17:01
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: server.xml password encryption instead of plain text
I haven't tested it yet, but if you're on a Windows platform you MAY be
able to tell Tomcat to use the Windows Certificate Store (a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
John,
On 5/25/17 10:00 AM, John Palmer wrote:
> On Thu, May 25, 2017 at 7:46 AM, Vidyadhar
> wrote:
>
>> On Thu, 25 May 2017 at 6:01 PM, Dhaval Jaiswal
>> wrote:
>>
>>> How can we avoid defining
I haven't tested it yet, but if you're on a Windows platform you MAY be
able to tell Tomcat to use the Windows Certificate Store (an thus NOT have
a password in server.xml) by adding something like this to the Java Options:
-Djavax.net.ssl.trustStoreProvider=SunMSCAPI
On Thu, 25 May 2017 at 6:01 PM, Dhaval Jaiswal
wrote:
> How can we avoid defining plain text password in server.xml or is there a
> way i can encrypt the password in server.xml.
>
There are couple of examples on https://wiki.apache.org/tomcat/FAQ/Password
--
Regards,
How can we avoid defining plain text password in server.xml or is there a
way i can encrypt the password in server.xml.
Mark Thomas wrote:
On 14/08/2014 15:46, George Sexton wrote:
On 8/14/2014 8:33 AM, Mark Thomas wrote:
On 14/08/2014 15:10, George Sexton wrote:
graph.
Can you help me understand why tomcat doesn't take the approach of
Apache httpd which is to ask the user for the decryption key at startup
On 8/4/2014 8:17 AM, André Warnier wrote:
Sanaullah wrote:
Hi,
is there a way i ca replace plain JKS keystore password with encrypted
password in tomcat server.xml?
This kind of question comes regularly on this list, I would say 2 or 3
times each year.
Searching the list archives
On 14/08/2014 15:10, George Sexton wrote:
On 8/4/2014 8:17 AM, André Warnier wrote:
Sanaullah wrote:
Hi,
is there a way i ca replace plain JKS keystore password with encrypted
password in tomcat server.xml?
This kind of question comes regularly on this list, I would say 2 or 3
times
On 8/14/2014 10:33 AM, Mark Thomas wrote:
On 14/08/2014 15:10, George Sexton wrote:
On 8/4/2014 8:17 AM, André Warnier wrote:
Sanaullah wrote:
Hi,
is there a way i ca replace plain JKS keystore password with encrypted
password in tomcat server.xml?
This kind of question comes regularly
On 8/14/2014 8:33 AM, Mark Thomas wrote:
On 14/08/2014 15:10, George Sexton wrote:
graph.
Can you help me understand why tomcat doesn't take the approach of
Apache httpd which is to ask the user for the decryption key at startup
time?
Because it is largely a waste of time. Anyone with root on
On 14/08/2014 15:46, George Sexton wrote:
On 8/14/2014 8:33 AM, Mark Thomas wrote:
On 14/08/2014 15:10, George Sexton wrote:
graph.
Can you help me understand why tomcat doesn't take the approach of
Apache httpd which is to ask the user for the decryption key at startup
time?
Because it
You may find Wiki also useful:
http://wiki.apache.org/tomcat/FAQ/Password
-Ognjen
Write your own datasource implementation which wraps your datasource and
obscure your brains out (XOR http://en.wikipedia.org/wiki/XOR_cipher and
ROT13 http://en.wikipedia.org/wiki/ROT13 are great
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Sanaullah,
On 8/4/14, 9:19 PM, Sanaullah wrote:
Thanks to all.
I was looking something similar to this [1] which is implemented in
JBoss.
[1]
Hi Chris,
I don't want to pass the audit. I am just curious why Jboss implemented
that ? and whats the purpose of SRP protocol implementation just to pass
the audit?
[1]
Hi,
is there a way i ca replace plain JKS keystore password with encrypted
password in tomcat server.xml?
Regards,
Sanaullah
Sanaullah wrote:
Hi,
is there a way i ca replace plain JKS keystore password with encrypted
password in tomcat server.xml?
This kind of question comes regularly on this list, I would say 2 or 3 times
each year.
Searching the list archives (mentioned in the superb on-line Tomcat
On Mon 04 Aug 2014 09:17:47 André Warnier escribió:
And if someone non-authorized has access to Tomcat's server.xml, then you
have bigger problems than a non-encrypted password.
Maybe the best solution could be put the right permission to sever.xml and do
not give the root password to other
Thanks Andre and Ulises.
I will also search the archive as well.
Regards,
Sanaullah
On Mon, Aug 4, 2014 at 8:07 PM, Ulises González Horta ul...@ulinxonline.net
wrote:
On Mon 04 Aug 2014 09:17:47 André Warnier escribió:
And if someone non-authorized has access to Tomcat's server.xml, then
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Sanaullah,
On 8/4/14, 9:43 AM, Sanaullah wrote:
is there a way i ca replace plain JKS keystore password with
encrypted password in tomcat server.xml?
http://wiki.apache.org/tomcat/FAQ/Password
- -chris
-BEGIN PGP SIGNATURE-
Version:
Sanaullah,
On 4.8.2014 17:26, Sanaullah wrote:
I will also search the archive as well.
You may find Wiki also useful:
http://wiki.apache.org/tomcat/FAQ/Password
-Ognjen
-
To unsubscribe, e-mail:
Thanks to all.
I was looking something similar to this [1] which is implemented in JBoss.
[1]
https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/5/html/Security_Guide/Encrypting_The_Keystore_Password_In_Tomcat.html
On Tue, Aug 5, 2014 at 3:43 AM, Ognjen
I tried the following command and failed as tomcat home directory:
C:\apps\apache-tomcat-7.0.11java -cp
lib/catalina.jar;bin/tomcat-juli.jar org.a
pache.catalina.realm.RealmBase -a md5 henry
Exception in thread main java.lang.NoClassDefFoundError:
org/apache/tomcat/uti
l/res/StringManager
Do you have org.apache.tomcat.util.res.StringManager on your classpath?
It's in tomcat-coyote.jar in my installation (6.0.18).
Paul
On Fri, Apr 1, 2011 at 10:47 AM, Henry Lu z...@umich.edu wrote:
I tried the following command and failed as tomcat home directory:
In Tomcat 7 you will need lib/tomcat-util.jar. The following works:
java -cp bin/tomcat-juli.jar;lib/catalina.jar;lib/tomcat-util.jar
org.apache.catalina.realm.RealmBase -a md5 foo
I updated the docs:
http://svn.apache.org/viewvc?rev=1087791view=rev
Best regards,
Konstantin Kolinko
2011/4/1
On 01/04/2011 15:47, Henry Lu wrote:
I tried the following command and failed as tomcat home directory:
Please don't hijack threads.
p
signature.asc
Description: OpenPGP digital signature
Hello,
I'm using the JNDI realm and communicating with a
Novell eDirectory (LDAP) server for authentication and
authorization purposes. We're communicating on port
389, which is non-secure. I know the user ID and
password is stored in plain text (within
/conf/server.xml), but what I'm not sure
Sniffing protocol would probably give you an idea about this :)
Jeff Marendo a écrit :
Hello,
I'm using the JNDI realm and communicating with a
Novell eDirectory (LDAP) server for authentication and
authorization purposes. We're communicating on port
389, which is non-secure. I know the user
Is there anyway we can encrypt password for JNDI Data source in context.xml ?
Ravi
--
View this message in context:
http://www.nabble.com/Password-encryption-for-JNDI-settings-tf3164186.html#a8777619
Sent from the Tomcat - User mailing list archive at Nabble.com
Is there anyway we can encrypt password for JNDI Data source in
context.xml ?
Ravi
Take a look at the very final section in this article http://
www.owasp.org/index.php/Securing_tomcat
The short answer, no.
-
To start a
Dear all,
I'm using Tomcat 5.5.9, Java 1.5.0 on a Red Hat Entreprise 4.4.
According to this document
http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
I tried to encrypt passwords, but I can't figure out why it is not working.
I copied the class catalina.jar into /usr/share/java/
39 matches
Mail list logo