Roland typed the following on 11:06 AM 1/3/2002 -0200
>I'm concerned about encrypting the Browser-->Container path. The problem
>with my particular approach is, that I will send a Sha-1 hash from the
>browser to the container.
...
>The means, that the Realm will only
>receive a hash of the pa
ht-forward, IMO
Arnold Shore
Annapolis, MD USA
-Original Message-
From: Roland [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 03, 2002 8:07 AM
To: Tomcat Developers List
Subject: Re: Implementing JDBC realm with encryption
> > Hello,
> > I want to implement my own JDBC r
> > Hello,
> > I want to implement my own JDBC realm with browser side-password
> > encryption. The idea is to hash the password together with the sessionId
> > and a random variable using SHA-1 on the browser side with Javascript. The
> > hash is then send to the server. This prevents hackers fr
On Thu, 27 Dec 2001, Roland wrote:
> Date: Thu, 27 Dec 2001 12:52:08 -0200
> From: Roland <[EMAIL PROTECTED]>
> Reply-To: Tomcat Developers List <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Implementing JDBC realm with encryption
>
> Hello,
> I
Hello,
I want to implement my own JDBC realm with browser side-password
encryption. The idea is to hash the password together with the sessionId
and a random variable using SHA-1 on the browser side with Javascript. The
hash is then send to the server. This prevents hackers from retrieving the
