You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Jeff Marendo <jm...@yahoo.com> on 2008/02/13 17:10:50 UTC
JNDI Realm and Password Encryption
Hello,
I'm using the JNDI realm and communicating with a
Novell eDirectory (LDAP) server for authentication and
authorization purposes. We're communicating on port
389, which is non-secure. I know the user ID and
password is stored in plain text (within
/conf/server.xml), but what I'm not sure about is if
the password is encrypted in any way when Tomcat tries
to establish an initial connection to the eDirectory.
My guess is that it isn't but would be, if we were
using HTTPs over port 636.
Does anyone have any ideas on this or know for certain
how the JNDI realm works in this regard?
Jeff
p.s. I'm using Tomcat 5.0.28
____________________________________________________________________________________
Never miss a thing. Make Yahoo your home page.
http://www.yahoo.com/r/hs
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: JNDI Realm and Password Encryption
Posted by david delbecq <de...@oma.be>.
Sniffing protocol would probably give you an idea about this :)
Jeff Marendo a écrit :
> Hello,
>
> I'm using the JNDI realm and communicating with a
> Novell eDirectory (LDAP) server for authentication and
> authorization purposes. We're communicating on port
> 389, which is non-secure. I know the user ID and
> password is stored in plain text (within
> /conf/server.xml), but what I'm not sure about is if
> the password is encrypted in any way when Tomcat tries
> to establish an initial connection to the eDirectory.
> My guess is that it isn't but would be, if we were
> using HTTPs over port 636.
>
> Does anyone have any ideas on this or know for certain
> how the JNDI realm works in this regard?
>
> Jeff
>
> p.s. I'm using Tomcat 5.0.28
>
>
> ____________________________________________________________________________________
> Never miss a thing. Make Yahoo your home page.
> http://www.yahoo.com/r/hs
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org