When you say that you configured SSL to work, do you mean you enabled HTTPS? You may also want to enable SSL for the JDBC connection assuming the database server is on a different host. The problem there is that many databases don't support SSL. It depends on which DBMS your using. If you want the password in the database encrypted, you have to use digest.bat/digest.sh to generate the hashes and then store those hashes in the database. You also need to set a property for JDBCRealm telling it which hash algorithm it is that you're using.
Jon ----- Original Message ----- From: "Sefton, Adam" <[EMAIL PROTECTED]> To: "'Tomcat Users List'" <[EMAIL PROTECTED]> Sent: Tuesday, June 11, 2002 10:44 AM Subject: JDBC BASIC authentication and SSL > I am running Tomcat 4.0.3 standalone on Win2k. > > I've configured SSL to work and have JDBC realm authentication working correctly, with BASIC authentication - is this now encrypted? So any admin servlet I write to add new users to the database .. will the passwords be encrypted? Or do I need to reference a method of the Realm class to ensure that this is correctly encrypted? > > Also, does anybody know how to set up a custom error page for login failure using BASIC authentication method. > > Thanks for any answers > > Adam > > > ********************************************************************** > This message may contain information which is confidential or privileged. > If you are not the intended recipient, please advise the sender immediately > by reply e-mail and delete this message and any attachments > without retaining a copy. > > ********************************************************************** > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>