I know that $CATALINE_HOME/bin/digest.sh
is used to generate hashed passwords which can be used in tomcat_users.xml
but how can I implement the same behavior where I am using embedded tomcat in the project as it doesn't have bin/digest.sh
?
UPDATE:
I found that RealmBase.java
of tomcat has a method digest()
which does equivalent to what digest.sh does, however, it's deprecated since tomcat 9 and I am using tomcat 9. Does anyone know what the new implementation for this method is?
The central method for dealing with hashed passwords is CredentialHandler#mutate
, which is also the one used by digest.sh
. It transforms the supplied password into its stored form.
You can retrieve the CredentialHandler
in many ways:
Tomcat
object, using tomcat.getEngine().getRealm().getCredentialHandler()
. For this to work you need to start the Realm
if it is not running,Globals.CREDENTIAL_HANDLER
("org.apache.catalina.CredentialHandler") servlet context attribute.