On Tue, 22 Oct 2002, Graham Lounder wrote:
> Date: Tue, 22 Oct 2002 09:35:11 -0300 > From: Graham Lounder <[EMAIL PROTECTED]> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]> > To: Tomcat Users List <[EMAIL PROTECTED]> > Subject: RE: Digested Passwords and Oracle 8.1.7 > > I need the algorithm so I can encrypt a password. The Tomcat Realm would > then compare the encrypted password to the encrypted password in the > database. I don't need to decrypt the password. > If I recall correctly (it's been a while since I was a heavy Oracle user) there's a SQL function that is used to do the encryption -- check the Oracle docs. Another alternative would be to have your authentication code attempt a connection with the username and password provided by your user -- success implies that they got it right. Note, of course, that using the real Oracle username/password can be a security risk unless you are in a very tightly controlled environment. > Graham > Craig -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>