You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Ben <ne...@gmail.com> on 2004/09/22 02:13:31 UTC

Digested passwords

Hi

Is there a way to add salt to the digested password in Tomcat JDBC
Realm for authentication?

Regards,
Ben

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Digested passwords

Posted by Dennis Dai <ml...@ddai.net>.

On 9/21/2004 5:13 PM, Ben wrote:

> Is there a way to add salt to the digested password in Tomcat JDBC
> Realm for authentication?

What I did was extend the JDBCRealm and override the authenticate() 
method (basically just copy over the original one) and change validated 
to use a java implementation of FreeBSD's md5crypt(). A java 
implementation of md5crypt() can be found at:

http://tools.arlut.utexas.edu/cvsweb/cvsweb.cgi/ganymede/src/md5/MD5Crypt.java?rev=1.12&content-type=text/x-cvsweb-markup

-- 
Dennis Dai
ml@ddai.net

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org