if you digest the password to the database, how is tomcat supposed to
pass it to the database?
Filip
Kevin Nash wrote:
Hello,
I'm using apache-tomcat-5.5.26, Oracle 10.2.0.3, java version "1.5.0_14"
I have a data resource defined in the server.xml and I wish to create a digest of the database
password.
<Resource name="jdbc/oracle" auth="Container" type="javax.sql.DataSource"
username="username"
password="plaintxt"
driverClassName="oracle.jdbc.driver.OracleDriver"
url="jdbc:oracle:thin:@hostname:1522:databasename"
maxActive="20" maxIdle="10">
</Resource>
I was wondering is it possible to do this in a similar fashion to creating
a digest of the passwords in the tomcat-users.xml file
1. Create password digest using SHA
$ ./digest.sh -a SHA password
password:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
2. Update the password in tomcat-users.xml
<user username="tomcat" password="5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8"
roles="tomcat,manager"/>
3. Update the server.xml
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase" digest="SHA" />
I've searched for a solution for encrypting the data resource password and I've come across
the following solutions.
1. Manage the connection pool in the application not the application server.
2. Authenticate using the application, i.e. set auth="Application"
3. Or extends BasicDataSourceFactory to accept an encrypted password.
These solutions are described in this interesting article
http://java.sys-con.com/node/393364/print
I was wondering is there a fourth solution as simple as creating digests of
passwords
for users in the tomcat-users.xml file?
Thanks for your help,
Kevin Nash
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
