tomcattomcat9embedded-tomcat-8embedded-tomcat

how to use digest.sh in embedded-tomcat


I know that $CATALINE_HOME/bin/digest.sh is used to generate hashed passwords which can be used in tomcat_users.xml but how can I implement the same behavior where I am using embedded tomcat in the project as it doesn't have bin/digest.sh?

UPDATE:

I found that RealmBase.java of tomcat has a method digest() which does equivalent to what digest.sh does, however, it's deprecated since tomcat 9 and I am using tomcat 9. Does anyone know what the new implementation for this method is?


Solution

  • The central method for dealing with hashed passwords is CredentialHandler#mutate, which is also the one used by digest.sh. It transforms the supplied password into its stored form.

    You can retrieve the CredentialHandler in many ways: