https://issues.apache.org/bugzilla/show_bug.cgi?id=56403
--- Comment #5 from Christopher Schultz <ch...@christopherschultz.net> --- Created attachment 31615 --> https://issues.apache.org/bugzilla/attachment.cgi?id=31615&action=edit Example of an interface and implementation of both MessageDigest and PBKDF2 Attaching a self-contained driver, interface, and implementation of CredentialMatcher for MessageDigest and PBKDF2. This is the kind of thing I'd like to place into RealmBase (or, rather, factor-out of RealmBase). RealmBase currently has some additional code to allow prefixes such as {MD5}, {SSHA}, etc. to alter the behavior of the existing message-digest-only code. None of that type of code has been included in this example as it can be trivially added once the interfaces have been established. I was thinking that the <Realm> could have a sub-element <CredentialMatcher> (or similar... I'm not happy with the interface's name but can't think of a better one at the moment) that could identify the class to be used plus provide all of the configuration attributes like salt-length, iteration-count, algorithm name, and anything else an implementation may need. For backward-compatibility, we'd default to MessageDigestCredentialMatcher and route calls to RealmBase.setDigest() to MessageDigestCredentialMatcher.setAlgorithm(). Comments are welcome! -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
