Think about it the other way around. User types cleartext password, tomcat's authentication digests it and then compares with what is on the database. So when they change the password you need to capture the password in cleartext, digest it yourself, then store it. You don't need to decrypt it, you actually need to ENCRYPT (ie digest) it.
take a look at: http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html specifically: "If you are writing an application that needs to calculate digested passwords dynamically, call the static |Digest()| method of the |org.apache.catalina.realm.RealmBase| class, passing the cleartext password and the digest algorithm name as arguments. This method will return the digested password." Roger zhongliang zhang wrote: > Hi,everyone, > I got a problem with the DIGEST authentication. > I configured my web.xml as followed: > <security-constraint> > <web-resource-collection> > <web-resource-name>app</web-resource-name> > <url-pattern>/*</url-pattern> > </web-resource-collection> > <auth-constraint> > <role-name>poweruser</role-name> > </auth-constraint> > </security-constraint> > <login-config> > <auth-method>DIGEST</auth-method> > <realm-name>app</realm-name> > </login-config> > So,if anybody try to access my app,he needs to input his username and > password,while the username and password are stored in the Oracle > database,not configured in the tomcat-users.xml file which located at > $tomcat_home/conf/ directory. I can not configure it in the tomcat-users.xml > for the app has an function of make a new user. > > Is there anyway to solve this problem? > > P.S. I tried to solve it by coding in my program,like adding the following > code to set the response's status to ask for DIGEST authentication. > ((HttpServletResponse) > response).setStatus(HttpServletResponse.SC_UNAUTHORIZED); > But I do not get a way to decryt the DIGEST information. > > Any advice will be appreciated! > thanks. > _________________________________________________________________ > News, entertainment and everything you care about at Live.com. Get it now! > http://www.live.com/getstarted.aspx > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
