How to make the passwords encrypted in Tomcat server?
When you reset a password, the log file(JazzTeamServer/server/tomcat/logs/localhost_access_log) captures passwords in plain text. |
2 answers
|
login to jts/admin -> Server -> Advance Properties - Locate Tomcat Users' Password Digest -> set the Value to True -> Restart the server .
After restart try changing user password and check if it shows in log files. |
java -cp encryptedDS.jar com.incorta.tools.tomcat.DataSourceFactory
Enter password:
Confirm password:
Encrypted Password: m1rwxCXxhW7p87U9AWe8yg==
Using the generated password in Tomcat
In Tomcat server.xml file, find the JDBC Datasource definition (i.e. Resource tag). Here's a sample datasource definition:
<Resource auth="Container" name="jdbc/incortaDB" type="javax.sql.DataSource"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory" testOnBorrow="true"
initialSize="10" maxActive="500" minIdle="10" validationQuery="select 1"
driverClassName="com.mysql.jdbc.Driver" username="root" password="passw0rd"
To use the encrypted password, you need to do the following:
Add (or change if exists) the data source factory to com.incorta.tools.tomcat.DataSourceFactory. -
Update the password to be the encrypted one -from the previous step.-
Here's an update data source definition:
<Resource auth="Container" name="jdbc/incortaDB" type="javax.sql.DataSource"
factory="com.incorta.tools.tomcat.DataSourceFactory" testOnBorrow="true"
initialSize="10" maxActive="500" minIdle="10" validationQuery="select 1"
driverClassName="com.mysql.jdbc.Driver" username="root" password="m1rwxCXxhW7p87U9AWe8yg=="
Thanks & Regards
Nishant SDE
|
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.