Java – Tomcat – learn about credentialhandler

Java

I recently need to use containers to manage security and authentication

>First, what about the credentialhandler declaration? Someone can provide the algorithm properties declared by the example declaration of nestedcredentialhandler I need to know that the self digest attribute has been deprecated in realms I haven't found any examples on the Internet. I'm completely confused. > Messagedigestcredentialhandler and What is the difference? Which is more secure? > The secretkeycredentialhandler specifies only one algorithm. The documentation is pbkdf2withhmacsha1 Are there any other algorithms available?

Solution

To answer the first point, here is a comparison of < realm > From my context XML before and after switching to Tomcat 8:

Before:

<Realm className="org.apache.catalina.realm.DataSourceRealm"
       dataSourceName="jdbc/myDataSource"  
       roleNameCol="role" userCredCol="password" userNameCol="loginid" 
       digest="md5" 
       userRoleTable="userroles" userTable="users" 
       localDataSource="true" />

After:

<Realm className="org.apache.catalina.realm.DataSourceRealm" 
       dataSourceName="jdbc/myDataSource" 
       roleNameCol="role" userCredCol="password" userNameCol="loginid"      
       userRoleTable="userroles" userTable="users" localDataSource="true">
       <CredentialHandler
          className="org.apache.catalina.realm.MessageDigestCredentialHandler"     
 algorithm="md5" />
</Realm>
The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>