Hy,

> I am using jdbcrealm to store the username and passwords in the Oracle 9I
> database. But th passwords are stored as plain Texts. I want to encrypt the
> passwords. How can I do it? Is there any InBuilt feature in Tomcat?

look at
http://localhost:8080/tomcat-docs/realm-howto.html#Digested%20Passwords
for creating encrypted passwords on STDOUT.

then alter the table users:
alter table users add user_md5 varchar(255,20);

insert the encrypted password from STDOUT

put the 'digest'-attribute in the Realm-section and change the attribute
userCredCol:
<Realm  className="org.apache.catalina.realm.JDBCRealm"
 debug="99"
 driverName="yourOracle-driver"
    connectionURL="yourAuthorityDb;"
 connectionName="tomcat"
 connectionPassword="tomcat"
 userTable="users"
 userNameCol="user_name"
 userCredCol="user_md5"
 userRoleTable="user_roles"
 roleNameCol="role_name"
    digest="MD5" />



--
Holger de Wall
LKV-SH, Steenbeker Weg 151, Kiel 24106
Tel.  : +049 431-33987-38
Fax  : +049 431-33987-20


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)