Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Password encryption in Tomcat

843811Sep 11 2002 — edited Sep 11 2002

The default Tomcat password storage file stores passwords in unencrypted, plain text.

I need links to resources that show "how to" encrypt and store encrypted passwords. And how to "hide" the encryption key?

thanks,
/dj.

Christian Neumueller-Oracle

Hi Volker,

can you run the login page in debug mode (LEVEL9) to see what happens? I first thought this could be bug #14798940 but in that case the problem would have gone away after saving the authentication scheme.

Regards,
Christian

99770

Ho to do Level 9 Debug?

Christian Neumueller-Oracle

Hi Volker,

the app's URL will look a bit like this:

http://host:port/apex/f?p=app:page:session::NO::

Change NO to LEVEL9. Before 4.2, you could only say YES, which is level 4, or NO. LEVEL9 gives the most detailed output.

Regards,
Christian

99770

error:ORA-24247: network access denied by access control list (ACL), backtrace:ORA-06512: at "SYS.DBMS_LDAP_API_FFI", line 25 ORA-06512: at "SYS.DBMS_LDAP", line 48 ORA-06512: at "APEX_040200.WWV_FLOW_CUSTOM_AUTH_LDAP", line 45

Christian Neumueller-Oracle

Hi,

the post-installation steps described here

http://docs.oracle.com/cd/E37097_01/doc/install.42/e35123/otn_install.htm#BEHHJJIH

to configure the ACL for APEX_040200 seem to be missing.

Regards,
Christian

99770

Hi Christian,

many thanks to you. Now it works.

1 - 6

Locked Post

New comments cannot be posted to this locked post.

Locked on Oct 9 2002

Added on Sep 11 2002

#other-security-apis-tools-and-issues

1 comment

238 views

Java Security

Password encryption in Tomcat

Comments

Post Details