Re: Password is not working properly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Konstantin,
On 7/29/19 08:36, Konstantin Kolinko wrote:
> чт, 25 июл. 2019 г. в 17:23, Support :
>>
>> Hi Sir,
>>
>> I am using tomcat 9 for my application. For my admin page, I have
>> a username and password in conf/tomcat-user.xml. Using digest.sh,
>> I encrypted my password(sha-256).
>>
>> password: Password encrypted:
>> 5er5akakfkd556546adnfjbkklndkfgbjdb
>
> Even though everyone now knows your password,
Do we? Unless the password shown above is NOT hashed in any way, I
think we are out of luck. It is definitely NOT the output of any hash
function I know of.
> but nobody knows what you actually did (step-by-step), nor what
> exact version of Tomcat 9.0.xx you are using, nor how your Realm is
> configured.
>
> Your "encrypted" value does not look like a correct password
> digest, which has format "{salt}${iterations}${digest}"
+1
It's possible to get a non-iterated "digested" password from Tomcat
these days, but you have to try pretty hard.
The old digest capability Tomcat had for many years has been replaced
with a properly-salted, iterated hash algorithm.
If you are starting from scratch, you are better off using the default
which is now PBKDF2WithHmacSHA1. It's better than trying to determine
your own salt length and iteration count.
- -chris
-BEGIN PGP SIGNATURE-
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl0/U/IACgkQHPApP6U8
pFguKA//WwpjskdDqin8DkWuVq50sdIFeSdDLOIp364+KgoEOHkxjgtoqbc/IBIU
Iegcr0X272Cu/4F2RmPO9uVV2/ms+Za3PBa2amTVotIe6Lw4lv3xdK5qGGLKzhv5
aN1x1Q7VBueW4qstYDUcgpGs++Y/G1CHLVoofTbDytsGYt3KojsHFT6KkyHLzgbd
u1wCLa/zU3WbRbExmHKeiwTrB+emzlAzMirU+CWlyW49E9aTeyfASO0KPxGXRIgg
jCVNeG02y1MiKuJUwa2HaoP5ojUZxydQoYucSVBskzaqhHgjIjX2zikn5Z1EEpau
Cd8DABmxAjyBszgParJVP0EcxhZQeWDsJ2D3xkquEhUbVAL7IB0Fv7jEB+oJAXmK
X7DRvYjFsqPBP5MR7XF3FVZcmiF1Q6a1aqfL3xmuxSTSDIvEJr6YxCz6z/c8M3d7
CUzkwMQikcj9AZL3iArJDqbgLuXN+a546r3clwDl5W/22G1+d3KN1H2hIwhQBcXj
+fIJS2OJvVeIZrdlgYRqHxBqhvnhemzXm4gW3CloxYaq3kcNA40Y5S6f+rwlVIwn
6S2EKpkdXadEWDJFz9MXWADQIv9NRv5d78sqx6yyjkvDhwwC/bu69pxtPXHnmB0G
DO2/It69ELFTyAONXwRuO1gtoiV4kTiGYOmAXKsLTac0u34W7qs=
=rW/r
-END PGP SIGNATURE-
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Password is not working properly
чт, 25 июл. 2019 г. в 17:23, Support :
>
> Hi Sir,
>
> I am using tomcat 9 for my application. For my admin page, I have a
> username and password in conf/tomcat-user.xml.
> Using digest.sh, I encrypted my password(sha-256).
>
> password: Password
> encrypted: 5er5akakfkd556546adnfjbkklndkfgbjdb
Even though everyone now knows your password,
but nobody knows what you actually did (step-by-step),
nor what exact version of Tomcat 9.0.xx you are using,
nor how your Realm is configured.
Your "encrypted" value does not look like a correct password digest,
which has format "{salt}${iterations}${digest}"
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Password is not working properly
Hi sir,
if I am using memory realm tomcat 9 is not working while restarting tomcat.
Regards,
Sandeep Raghav
Customer Support Engineer
supp...@xcaptor.com
Captivate. Engage.
On Thu, Jul 25, 2019 at 8:11 PM Mark Thomas wrote:
> On 25/07/2019 15:23, Support wrote:
> > Hi Sir,
> >
> > I am using tomcat 9 for my application. For my admin page, I have a
> > username and password in conf/tomcat-user.xml.
> > Using digest.sh, I encrypted my password(sha-256).
> >
> > password: Password
> > encrypted: 5er5akakfkd556546adnfjbkklndkfgbjdb
> >
> > Now, I am using my password its not working, if I give the encrypted it
> is
> > working fine. but it is working normaly in tomcat 7 perfectly without any
> > error.
>
> You need to configure the appropriate Realm to use digested passwords.
>
> Mark
>
>
> >
> >
> > Logs:
> >
> > 23 Jul 2019 14:44:56,742 TRACE ConsoleDataRetriever
> > [https-jsse-nio-9443-exec-7] request parameters:q:HOME
> > 23 Jul 2019 14:44:56,743 TRACE ConsoleDataRetriever
> > [https-jsse-nio-9443-exec-7] request
> > attributes:org.apache.tomcat.util.net.secure_protocol_version:TLSv1.2
> > javax.servlet.request.key_size:128
> >
> javax.servlet.request.ssl_session_mgr:org.apache.tomcat.util.net.jsse.JSSESupport@23c2d7e5
> > javax.servlet.request.cipher_suite:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
> >
> javax.servlet.request.ssl_session_id:5d371d2118d18dbbe825330d236a3d7ea0f090f12385c0ca9b4146afe2e5700d
> > 23 Jul 2019 14:44:56,743 DEBUG ConsoleDataRetriever
> > [https-jsse-nio-9443-exec-7] Checking for existing messages, if none -
> > create a new message map
> > 23 Jul 2019 14:44:56,743 TRACE CaptorAdminUtil
> [https-jsse-nio-9443-exec-7]
> > No status messages were found in the request, created a new map. Message
> > Map:{}
> > 23 Jul 2019 14:44:56,744 DEBUG ConsoleDataRetriever
> > [https-jsse-nio-9443-exec-7] Currently the view is set to: /error500.jsp
> > 23 Jul 2019 14:44:56,750 DEBUG ConsoleDataRetriever
> > [https-jsse-nio-9443-exec-7] query received in request:HOME
> > 23 Jul 2019 14:44:56,750 DEBUG ConsoleDataRetriever
> > [https-jsse-nio-9443-exec-7] request for retrieving Dashboard data
> >
> > Regards,
> > Sandeep Raghav
> >
> > Customer Support Engineer
> > supp...@xcaptor.com
> > Captivate. Engage.
> >
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
Re: Password is not working properly
On 25/07/2019 15:23, Support wrote:
> Hi Sir,
>
> I am using tomcat 9 for my application. For my admin page, I have a
> username and password in conf/tomcat-user.xml.
> Using digest.sh, I encrypted my password(sha-256).
>
> password: Password
> encrypted: 5er5akakfkd556546adnfjbkklndkfgbjdb
>
> Now, I am using my password its not working, if I give the encrypted it is
> working fine. but it is working normaly in tomcat 7 perfectly without any
> error.
You need to configure the appropriate Realm to use digested passwords.
Mark
>
>
> Logs:
>
> 23 Jul 2019 14:44:56,742 TRACE ConsoleDataRetriever
> [https-jsse-nio-9443-exec-7] request parameters:q:HOME
> 23 Jul 2019 14:44:56,743 TRACE ConsoleDataRetriever
> [https-jsse-nio-9443-exec-7] request
> attributes:org.apache.tomcat.util.net.secure_protocol_version:TLSv1.2
> javax.servlet.request.key_size:128
> javax.servlet.request.ssl_session_mgr:org.apache.tomcat.util.net.jsse.JSSESupport@23c2d7e5
> javax.servlet.request.cipher_suite:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
> javax.servlet.request.ssl_session_id:5d371d2118d18dbbe825330d236a3d7ea0f090f12385c0ca9b4146afe2e5700d
> 23 Jul 2019 14:44:56,743 DEBUG ConsoleDataRetriever
> [https-jsse-nio-9443-exec-7] Checking for existing messages, if none -
> create a new message map
> 23 Jul 2019 14:44:56,743 TRACE CaptorAdminUtil [https-jsse-nio-9443-exec-7]
> No status messages were found in the request, created a new map. Message
> Map:{}
> 23 Jul 2019 14:44:56,744 DEBUG ConsoleDataRetriever
> [https-jsse-nio-9443-exec-7] Currently the view is set to: /error500.jsp
> 23 Jul 2019 14:44:56,750 DEBUG ConsoleDataRetriever
> [https-jsse-nio-9443-exec-7] query received in request:HOME
> 23 Jul 2019 14:44:56,750 DEBUG ConsoleDataRetriever
> [https-jsse-nio-9443-exec-7] request for retrieving Dashboard data
>
> Regards,
> Sandeep Raghav
>
> Customer Support Engineer
> supp...@xcaptor.com
> Captivate. Engage.
>
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Password is not working properly
Hi Sir,
I am using tomcat 9 for my application. For my admin page, I have a
username and password in conf/tomcat-user.xml.
Using digest.sh, I encrypted my password(sha-256).
password: Password
encrypted: 5er5akakfkd556546adnfjbkklndkfgbjdb
Now, I am using my password its not working, if I give the encrypted it is
working fine. but it is working normaly in tomcat 7 perfectly without any
error.
Logs:
23 Jul 2019 14:44:56,742 TRACE ConsoleDataRetriever
[https-jsse-nio-9443-exec-7] request parameters:q:HOME
23 Jul 2019 14:44:56,743 TRACE ConsoleDataRetriever
[https-jsse-nio-9443-exec-7] request
attributes:org.apache.tomcat.util.net.secure_protocol_version:TLSv1.2
javax.servlet.request.key_size:128
javax.servlet.request.ssl_session_mgr:org.apache.tomcat.util.net.jsse.JSSESupport@23c2d7e5
javax.servlet.request.cipher_suite:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
javax.servlet.request.ssl_session_id:5d371d2118d18dbbe825330d236a3d7ea0f090f12385c0ca9b4146afe2e5700d
23 Jul 2019 14:44:56,743 DEBUG ConsoleDataRetriever
[https-jsse-nio-9443-exec-7] Checking for existing messages, if none -
create a new message map
23 Jul 2019 14:44:56,743 TRACE CaptorAdminUtil [https-jsse-nio-9443-exec-7]
No status messages were found in the request, created a new map. Message
Map:{}
23 Jul 2019 14:44:56,744 DEBUG ConsoleDataRetriever
[https-jsse-nio-9443-exec-7] Currently the view is set to: /error500.jsp
23 Jul 2019 14:44:56,750 DEBUG ConsoleDataRetriever
[https-jsse-nio-9443-exec-7] query received in request:HOME
23 Jul 2019 14:44:56,750 DEBUG ConsoleDataRetriever
[https-jsse-nio-9443-exec-7] request for retrieving Dashboard data
Regards,
Sandeep Raghav
Customer Support Engineer
supp...@xcaptor.com
Captivate. Engage.
