DelphiFAQ Home Search:

InterBase, MS-SQL, mysql, Oracle
C#, C++, Delphi, Java,
JavaScript, perl, php, Visual Basic, VBScript
Apache, Network, Shell
Web Publishing
JavaScript, perl CGI, VBScript, Web Hosting
Apache, File Types, Internet Explorer,
Network, Printing, Processes
Outside the Cube
Auto, Computer Hardware,
Finances, Dating Scams,
Household, Male Dating Scammers,
Other Scams, Travel

Featured Article

How to store Tomcat JDBCRealm passwords encrypted


I am using Tomcat's JDBCRealm to store user names, passwords and roles in a mysql database. The passwords are stored in clear text. How can I change this?


This is quite easy. Below you see the definition of your realm in tomcat/conf/server.xml
You probably do not have the line that says

Add this line and tomcat expects passwords to be stored as an MD5 hash of the original password.

You also need to update any code that you have that inserts/ updates users and passwords. If you choose MD5 as suggested in the example, you can use mysql's built-in MD5() function.

insert into users(username,password) values ("mike",md5("secret"))

<Realm className="org.apache.catalina.realm.JDBCRealm" driverName=""
          connectionName="XXX" connectionPassword="YYY"
          userTable="users" userNameCol="username" userCredCol="password"
          userRoleTable="user_roles" roleNameCol="rolename"/>

Generated 4:02:13 on Jul 7, 2020