RE: Securing Manager Role

2005-10-27 Thread Nehal Sangoi
-Original Message- From: Charlie C.L. King [mailto:[EMAIL PROTECTED] Sent: Thursday, October 27, 2005 8:12 PM To: Tomcat Users List; [EMAIL PROTECTED] Subject: Re: Securing Manager Role hi, looks like you're stuck with your kshell. how about specifying canonical path to your java execu

Re: Securing Manager Role

2005-10-27 Thread Charlie C.L. King
hi, looks like you're stuck with your kshell. how about specifying canonical path to your java executable, e.g. /opt/bin/java? or if you're under some unix environment like FreeBSD, you can just use 'md5' or 'sha1' provided by system: % sha1 -s 'passphrase here' it will produce the same result for

RE: Securing Manager Role

2005-10-27 Thread Nehal Sangoi
almBase -a sha1 But recd. following error : ksh: syntax error: `newline or ;' unexpected Please help doing this successfully. Thanks, Nehal -Original Message- From: Charlie C.L. King [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 26, 2005 1:28 PM To: Tomcat Users List Subjec

RE: Securing Manager Role

2005-10-26 Thread B Wiley Snyder
Mark > -Original Message- > From: Mark Thomas [mailto:[EMAIL PROTECTED] > Sent: Tuesday, October 25, 2005 9:44 PM > To: 'Tomcat Users List'; [EMAIL PROTECTED] > Subject: RE: Securing Manager Role > > This is not supported because there is simply no point. > >

RE: Securing Manager Role

2005-10-26 Thread Mark Thomas
Sent: Tuesday, October 25, 2005 9:44 PM > To: 'Tomcat Users List'; [EMAIL PROTECTED] > Subject: RE: Securing Manager Role > > This is not supported because there is simply no point. > > If someone can read the tomcat-users.xml file then they > almost certainly

Re: Securing Manager Role

2005-10-26 Thread Charlie C.L. King
Hi, you can change it to a digested form, either in md5 or in sha1 or some others(see java.security.MessageDigest). but sha1 should be safer. here's the choir you have to do. 1. in your server.xml, add to its child element a new attribute named "digest" and with its value "SHA1"(whatever you want

RE: Securing Manager Role

2005-10-26 Thread Nehal Sangoi
Is there any way for associating unix user "manager" to tomcat's manager rols and have encrypted password? -Original Message- From: Mark Thomas [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 26, 2005 2:14 AM To: 'Tomcat Users List'; [EMAIL PROTECTED] Subject:

RE: Securing Manager Role

2005-10-25 Thread Mark Thomas
This is not supported because there is simply no point. If someone can read the tomcat-users.xml file then they almost certainly own the server and you have bigger problems than someone having access to the manager app. Consider if the password was encrypted, where is the decryption key stored? T