Re: Password is not working properly
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Konstantin, On 7/29/19 08:36, Konstantin Kolinko wrote: > чт, 25 июл. 2019 г. в 17:23, Support : >> >> Hi Sir, >> >> I am using tomcat 9 for my application. For my admin page, I have >> a username and password in conf/tomcat-user.xml. Using digest.sh, >> I encrypted my password(sha-256). >> >> password: Password encrypted: >> 5er5akakfkd556546adnfjbkklndkfgbjdb > > Even though everyone now knows your password, Do we? Unless the password shown above is NOT hashed in any way, I think we are out of luck. It is definitely NOT the output of any hash function I know of. > but nobody knows what you actually did (step-by-step), nor what > exact version of Tomcat 9.0.xx you are using, nor how your Realm is > configured. > > Your "encrypted" value does not look like a correct password > digest, which has format "{salt}${iterations}${digest}" +1 It's possible to get a non-iterated "digested" password from Tomcat these days, but you have to try pretty hard. The old digest capability Tomcat had for many years has been replaced with a properly-salted, iterated hash algorithm. If you are starting from scratch, you are better off using the default which is now PBKDF2WithHmacSHA1. It's better than trying to determine your own salt length and iteration count. - -chris -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl0/U/IACgkQHPApP6U8 pFguKA//WwpjskdDqin8DkWuVq50sdIFeSdDLOIp364+KgoEOHkxjgtoqbc/IBIU Iegcr0X272Cu/4F2RmPO9uVV2/ms+Za3PBa2amTVotIe6Lw4lv3xdK5qGGLKzhv5 aN1x1Q7VBueW4qstYDUcgpGs++Y/G1CHLVoofTbDytsGYt3KojsHFT6KkyHLzgbd u1wCLa/zU3WbRbExmHKeiwTrB+emzlAzMirU+CWlyW49E9aTeyfASO0KPxGXRIgg jCVNeG02y1MiKuJUwa2HaoP5ojUZxydQoYucSVBskzaqhHgjIjX2zikn5Z1EEpau Cd8DABmxAjyBszgParJVP0EcxhZQeWDsJ2D3xkquEhUbVAL7IB0Fv7jEB+oJAXmK X7DRvYjFsqPBP5MR7XF3FVZcmiF1Q6a1aqfL3xmuxSTSDIvEJr6YxCz6z/c8M3d7 CUzkwMQikcj9AZL3iArJDqbgLuXN+a546r3clwDl5W/22G1+d3KN1H2hIwhQBcXj +fIJS2OJvVeIZrdlgYRqHxBqhvnhemzXm4gW3CloxYaq3kcNA40Y5S6f+rwlVIwn 6S2EKpkdXadEWDJFz9MXWADQIv9NRv5d78sqx6yyjkvDhwwC/bu69pxtPXHnmB0G DO2/It69ELFTyAONXwRuO1gtoiV4kTiGYOmAXKsLTac0u34W7qs= =rW/r -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Password is not working properly
чт, 25 июл. 2019 г. в 17:23, Support : > > Hi Sir, > > I am using tomcat 9 for my application. For my admin page, I have a > username and password in conf/tomcat-user.xml. > Using digest.sh, I encrypted my password(sha-256). > > password: Password > encrypted: 5er5akakfkd556546adnfjbkklndkfgbjdb Even though everyone now knows your password, but nobody knows what you actually did (step-by-step), nor what exact version of Tomcat 9.0.xx you are using, nor how your Realm is configured. Your "encrypted" value does not look like a correct password digest, which has format "{salt}${iterations}${digest}" - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Password is not working properly
Hi sir, if I am using memory realm tomcat 9 is not working while restarting tomcat. Regards, Sandeep Raghav Customer Support Engineer supp...@xcaptor.com Captivate. Engage. On Thu, Jul 25, 2019 at 8:11 PM Mark Thomas wrote: > On 25/07/2019 15:23, Support wrote: > > Hi Sir, > > > > I am using tomcat 9 for my application. For my admin page, I have a > > username and password in conf/tomcat-user.xml. > > Using digest.sh, I encrypted my password(sha-256). > > > > password: Password > > encrypted: 5er5akakfkd556546adnfjbkklndkfgbjdb > > > > Now, I am using my password its not working, if I give the encrypted it > is > > working fine. but it is working normaly in tomcat 7 perfectly without any > > error. > > You need to configure the appropriate Realm to use digested passwords. > > Mark > > > > > > > > Logs: > > > > 23 Jul 2019 14:44:56,742 TRACE ConsoleDataRetriever > > [https-jsse-nio-9443-exec-7] request parameters:q:HOME > > 23 Jul 2019 14:44:56,743 TRACE ConsoleDataRetriever > > [https-jsse-nio-9443-exec-7] request > > attributes:org.apache.tomcat.util.net.secure_protocol_version:TLSv1.2 > > javax.servlet.request.key_size:128 > > > javax.servlet.request.ssl_session_mgr:org.apache.tomcat.util.net.jsse.JSSESupport@23c2d7e5 > > javax.servlet.request.cipher_suite:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 > > > javax.servlet.request.ssl_session_id:5d371d2118d18dbbe825330d236a3d7ea0f090f12385c0ca9b4146afe2e5700d > > 23 Jul 2019 14:44:56,743 DEBUG ConsoleDataRetriever > > [https-jsse-nio-9443-exec-7] Checking for existing messages, if none - > > create a new message map > > 23 Jul 2019 14:44:56,743 TRACE CaptorAdminUtil > [https-jsse-nio-9443-exec-7] > > No status messages were found in the request, created a new map. Message > > Map:{} > > 23 Jul 2019 14:44:56,744 DEBUG ConsoleDataRetriever > > [https-jsse-nio-9443-exec-7] Currently the view is set to: /error500.jsp > > 23 Jul 2019 14:44:56,750 DEBUG ConsoleDataRetriever > > [https-jsse-nio-9443-exec-7] query received in request:HOME > > 23 Jul 2019 14:44:56,750 DEBUG ConsoleDataRetriever > > [https-jsse-nio-9443-exec-7] request for retrieving Dashboard data > > > > Regards, > > Sandeep Raghav > > > > Customer Support Engineer > > supp...@xcaptor.com > > Captivate. Engage. > > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Password is not working properly
On 25/07/2019 15:23, Support wrote: > Hi Sir, > > I am using tomcat 9 for my application. For my admin page, I have a > username and password in conf/tomcat-user.xml. > Using digest.sh, I encrypted my password(sha-256). > > password: Password > encrypted: 5er5akakfkd556546adnfjbkklndkfgbjdb > > Now, I am using my password its not working, if I give the encrypted it is > working fine. but it is working normaly in tomcat 7 perfectly without any > error. You need to configure the appropriate Realm to use digested passwords. Mark > > > Logs: > > 23 Jul 2019 14:44:56,742 TRACE ConsoleDataRetriever > [https-jsse-nio-9443-exec-7] request parameters:q:HOME > 23 Jul 2019 14:44:56,743 TRACE ConsoleDataRetriever > [https-jsse-nio-9443-exec-7] request > attributes:org.apache.tomcat.util.net.secure_protocol_version:TLSv1.2 > javax.servlet.request.key_size:128 > javax.servlet.request.ssl_session_mgr:org.apache.tomcat.util.net.jsse.JSSESupport@23c2d7e5 > javax.servlet.request.cipher_suite:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 > javax.servlet.request.ssl_session_id:5d371d2118d18dbbe825330d236a3d7ea0f090f12385c0ca9b4146afe2e5700d > 23 Jul 2019 14:44:56,743 DEBUG ConsoleDataRetriever > [https-jsse-nio-9443-exec-7] Checking for existing messages, if none - > create a new message map > 23 Jul 2019 14:44:56,743 TRACE CaptorAdminUtil [https-jsse-nio-9443-exec-7] > No status messages were found in the request, created a new map. Message > Map:{} > 23 Jul 2019 14:44:56,744 DEBUG ConsoleDataRetriever > [https-jsse-nio-9443-exec-7] Currently the view is set to: /error500.jsp > 23 Jul 2019 14:44:56,750 DEBUG ConsoleDataRetriever > [https-jsse-nio-9443-exec-7] query received in request:HOME > 23 Jul 2019 14:44:56,750 DEBUG ConsoleDataRetriever > [https-jsse-nio-9443-exec-7] request for retrieving Dashboard data > > Regards, > Sandeep Raghav > > Customer Support Engineer > supp...@xcaptor.com > Captivate. Engage. > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org