You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Sefton, Adam" <Ad...@plc.cwplc.com> on 2002/06/11 17:44:00 UTC
JDBC BASIC authentication and SSL
I am running Tomcat 4.0.3 standalone on Win2k.
I've configured SSL to work and have JDBC realm authentication working correctly, with BASIC authentication - is this now encrypted? So any admin servlet I write to add new users to the database .. will the passwords be encrypted? Or do I need to reference a method of the Realm class to ensure that this is correctly encrypted?
Also, does anybody know how to set up a custom error page for login failure using BASIC authentication method.
Thanks for any answers
Adam
**********************************************************************
This message may contain information which is confidential or privileged.
If you are not the intended recipient, please advise the sender immediately
by reply e-mail and delete this message and any attachments
without retaining a copy.
**********************************************************************
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: JDBC BASIC authentication and SSL
Posted by Jonathan Eric Miller <je...@uchicago.edu>.
When you say that you configured SSL to work, do you mean you enabled HTTPS?
You may also want to enable SSL for the JDBC connection assuming the
database server is on a different host. The problem there is that many
databases don't support SSL. It depends on which DBMS your using. If you
want the password in the database encrypted, you have to use
digest.bat/digest.sh to generate the hashes and then store those hashes in
the database. You also need to set a property for JDBCRealm telling it which
hash algorithm it is that you're using.
Jon
----- Original Message -----
From: "Sefton, Adam" <Ad...@plc.cwplc.com>
To: "'Tomcat Users List'" <to...@jakarta.apache.org>
Sent: Tuesday, June 11, 2002 10:44 AM
Subject: JDBC BASIC authentication and SSL
> I am running Tomcat 4.0.3 standalone on Win2k.
>
> I've configured SSL to work and have JDBC realm authentication working
correctly, with BASIC authentication - is this now encrypted? So any admin
servlet I write to add new users to the database .. will the passwords be
encrypted? Or do I need to reference a method of the Realm class to ensure
that this is correctly encrypted?
>
> Also, does anybody know how to set up a custom error page for login
failure using BASIC authentication method.
>
> Thanks for any answers
>
> Adam
>
>
> **********************************************************************
> This message may contain information which is confidential or privileged.
> If you are not the intended recipient, please advise the sender
immediately
> by reply e-mail and delete this message and any attachments
> without retaining a copy.
>
> **********************************************************************
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
> For additional commands, e-mail:
<ma...@jakarta.apache.org>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>