Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
126 views
in Technique[技术] by (71.8m points)

java - Tomcat - Understanding CredentialHandler

I need to use Container Managed Security and Authentication in my latest project. And I have a couple of queries regarding how to configure a Credential Handler.

  1. Firstly how will a CredentialHandler declaration look like ? Can someone provide a sample declaration of the NestedCredentialHandler with the algorithm attribute declared. I need to know since the Digest attribute in Realms has become deprecated. I didn't find any examples on the web and I am utterly confused.
  2. Whats the difference between MessageDigestCredentialHandler and SecretKeyCredentialHandler which one is more secure ?
  3. SecretKeyCredentialHandler specifies only one algorithm in the documentation which is PBKDF2WithHmacSHA1. What other algorithms are available ?
See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

To answer the first point, here's a comparison of the <Realm> from my context.xml before and after the switch to Tomcat 8:

Before:

<Realm className="org.apache.catalina.realm.DataSourceRealm"
       dataSourceName="jdbc/myDataSource"  
       roleNameCol="role" userCredCol="password" userNameCol="loginid" 
       digest="md5" 
       userRoleTable="userroles" userTable="users" 
       localDataSource="true" />

After:

<Realm className="org.apache.catalina.realm.DataSourceRealm" 
       dataSourceName="jdbc/myDataSource" 
       roleNameCol="role" userCredCol="password" userNameCol="loginid"      
       userRoleTable="userroles" userTable="users" localDataSource="true">
       <CredentialHandler
          className="org.apache.catalina.realm.MessageDigestCredentialHandler"     
 algorithm="md5" />
</Realm>

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...