-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Fabio,
On 4/24/16 11:36 AM, Fabio Ricci wrote: > appreciate the sunday answer (thank you). > > To say the truth: I did read the documentation and the migration > guide. > > But since there are no examples in > http://tomcat.apache.org/tomcat-8.0-doc/config/credentialhandler.html, > > I did not manage to create my own implementation concreteness. That’s > why I deared to ask the community. What examples did you want to see? You don't have to write your own credential handler (code)... just use one of those already present. There aren't many choices. If you read the page you referenced above (the CredentialHandler configuration page), you should be able to build a <CredentialHandler> element that meets your requirements quite easily. Were you hoping for a copy-and-paste solution? If you were thinking of coming to ApacheCon in May, I'll plug my own presentation which is all about CredentialHandlers -- and, in fact, migrating away from simple MD5 hashes to much more secure forms of credential-storage. Here's a reference to the abstract: http://apachecon2016.sched.org/event/6OIs/seemless-upgrades-for-credenti al-security-in-apache-tomcat-christopher-schultz-total-child-health?ifra me=yes&w=i:0;&sidebar=yes&bg=no#?iframe=yes&w=i:0;&sidebar=yes&bg=no (I don't seem to be able to get anyone to correct the typo in the title. Hrmph.) - -chris >> On 24 Apr 2016, at 17:31, Mark Thomas <ma...@apache.org> wrote: >> >> On 22/04/2016 23:35, Fabio Ricci wrote: >>> Dear tomcat Community >>> >>> I am using cross context (which seems to be easy to configure >>> but in in tomcat 8 hard to run) … so today I downloaded tomcat >>> 9 and I migrated my apps to it. In tomcat 9 cross context is >>> running smoothly (thank you!) >>> >>> To authenticate my config is using JDBCRealm with a mysql >>> database. The config below ran very well with tomcat 8 but on >>> tomcat 9 accepted only the password digests (which are stored >>> in the table tomcat_users) directly instead of the usual >>> passwords. It seems that the digest algorithm MD5 be here not >>> executed. >> >> Given that the digest attribute doesn't exist on the Realm in >> 9.0.x, that behaviour is as expected. >> >> You should read the migration guide: >> >> http://tomcat.apache.org/migration-9.html#Migrating_from_8.0.x_to_9.0 .x/Internal_APIs >> >> >> If you had read the 8.0.x docs, you wouldn't have been using a >> deprecated configuration option... >> >> http://tomcat.apache.org/tomcat-8.0-doc/config/realm.html#Common_Attr ibutes >> >> >> ... you would have been using the replacement configuration option. >> >> http://tomcat.apache.org/tomcat-8.0-doc/config/credentialhandler.html >> >> >> >> Mark >> >> --------------------------------------------------------------------- >> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> > -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlcfyK4ACgkQ9CaO5/Lv0PDaQwCcDU1LlTw0L86FM1k6o2B7B1DB PyEAniuDGebS+ePwlt+kVvu14wErGOAu =QA8+ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
