On Thu, 29 May 2003, Raible, Matt wrote: > Why don't you just have the JDBCRealm do it - add digest="SHA".
I need something other than SHA, I need to use my own custom code for an encyrption method of my own that is not provided by JDBCRealm > To programmatically do it using form-based authentication, I've used a > LoginServlet that's mapped to "auth" in my login.jsp's form. In this > servlet, I encrypt the password and redirect to "j_security_check" - is that > what you're looking for? Maybe. I'll do some reading about form-based authentication. I'm not sure. I'm after this because I already have set up a JDBCRealm based system, with BASIC authentication, and SHA, under Tomcat for both servlets and cocoon stuff. Now I want to tie this together with another application that encypts passwords differently from any method available in JDBCRealm. I have the code for the encyption. If I could simply drop this code into the user validation JDBCRealm does for me in Tomcat, it'd be great because the security would all work and I wouldn't have to create any user/password management pages of my own. If I can do this, I can tie Tomcat authentication to the password system my company has on other systems. Any tips are helpful! I'm a little lost with this. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
