Tomcat - 了解CredentialHandler [英] Tomcat - Understanding CredentialHandler

问题描述

我需要在最新的
项目中使用容器管理安全性和身份验证。我有一些关于如何配置
凭证处理程序的疑问。

I need to use Container Managed Security and Authentication in my latest project. And I have a couple of queries regarding how to configure a Credential Handler.

1. 首先，如何 CredentialHandler 声明如何？ 可以
   有人提供NestedCredentialHandler的示例声明，声明的算法属性为
   。我需要知道，因为Realms中的摘要属性
   已经被弃用。我没有在网上找到任何示例和
   我完全感到困惑。


2. MessageDigestCredentialHandler 和
   SecretKeyCredentialHandler 哪一个更安全？


3. SecretKeyCredentialHandler 指定
   中的只有一个算法 文档， PBKDF2WithHmacSHA1 。还有哪些其他算法可用？b $ b？

1. Firstly how will a CredentialHandler declaration look like ? Can someone provide a sample declaration of the NestedCredentialHandler with the algorithm attribute declared. I need to know since the Digest attribute in Realms has become deprecated. I didn't find any examples on the web and I am utterly confused.
2. Whats the difference between MessageDigestCredentialHandler and SecretKeyCredentialHandler which one is more secure ?
3. SecretKeyCredentialHandler specifies only one algorithm in the documentation which is PBKDF2WithHmacSHA1. What other algorithms are available ?

推荐答案

回答第一点，这里是在切换到Tomcat 8之前和之后，我的context.xml中的< Realm> 的比较：

To answer the first point, here's a comparison of the <Realm> from my context.xml before and after the switch to Tomcat 8:

之前：

<Realm className="org.apache.catalina.realm.DataSourceRealm"
       dataSourceName="jdbc/myDataSource"  
       roleNameCol="role" userCredCol="password" userNameCol="loginid" 
       digest="md5" 
       userRoleTable="userroles" userTable="users" 
       localDataSource="true" />

之后：

<Realm className="org.apache.catalina.realm.DataSourceRealm" 
       dataSourceName="jdbc/myDataSource" 
       roleNameCol="role" userCredCol="password" userNameCol="loginid"      
       userRoleTable="userroles" userTable="users" localDataSource="true">
       <CredentialHandler
          className="org.apache.catalina.realm.MessageDigestCredentialHandler"     
 algorithm="md5" />
</Realm>

这篇关于Tomcat - 了解CredentialHandler的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！