I know that $CATALINE_HOME/bin/digest.sh is used to generate hashed passwords which can be used in tomcat_users.xml but how can I implement the same behavior where I am using embedded tomcat in the project as it doesn't have bin/digest.sh?
UPDATE:
I found that RealmBase.java of tomcat has a method digest() which does equivalent to what digest.sh does, however, it's deprecated since tomcat 9 and I am using tomcat 9. Does anyone know what the new implementation for this method is?
CodePudding user response:
The central method for dealing with hashed passwords is CredentialHandler#mutate, which is also the one used by digest.sh. It transforms the supplied password into its stored form.
You can retrieve the CredentialHandler in many ways:
- from the
Tomcatobject, usingtomcat.getEngine().getRealm().getCredentialHandler(). For this to work you need to start theRealmif it is not running, - from a servlet, by retrieving the
Globals.CREDENTIAL_HANDLER("org.apache.catalina.CredentialHandler") servlet context attribute.
CodePudding user response:
digest.sh is used to generate password hashes. If you need to generate password hashes, just download tomcat archive from the Tomcat's homepage and run the script.
Embedded Tomcat does not have this script.