You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Möller Ulf <Ul...@eon-is.com> on 2006/02/21 17:12:33 UTC

Passwords in tomcat_users.xml

Hi,

Do the passwords in tomcat_users.xml have to be stored in plain text, or is there any way of using hashed passwords?

I couldn't find this question answered in the docs, so I'd be grateful for any help.

Thanks,
Ulf

Re: Passwords in tomcat_users.xml

Posted by Markus Schönhaber <ma...@schoenhaber.de>.

Möller Ulf wrote:
> Do the passwords in tomcat_users.xml have to be stored in plain text, or is
> there any way of using hashed passwords?

You can use digested passwords. Of course, you have to tell Tomcat that the 
passwords are digested by setting the "digest"-attribute of the corresponding 
"Realm".
BTW: you can use <Tomcat dir>/bin/digest.sh to create digested passwords.

http://tomcat.apache.org/tomcat-5.5-doc/config/realm.html

Regards
  mks

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org