mercredi 27 mai 2015

How can I utilize the same credential handler configuration for my application's container in generating new password hashes?

I have the context for my Web application defined similar to

<Context>
    <Realm className="org.apache.catalina.realm.JDBCRealm" driverName="com.microsoft.sqlserver.jdbc.SQLServerDriver" connectionURL="jdbc:http://sqlservergreensuite.database.windows.net:1433;database=greensuite_db;user=greensuiteapp@greensuite;password=K1B&amp;i9i8*1id^dUzhsv^;encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30;" userTable="[User]" userNameCol="email" userCredCol="password"
   userRoleTable="UserGlobalRole" roleNameCol="role">
   <CredentialHandler className="org.apache.catalina.realm.MessageDigestCredentialHandler" encoding="UTF-8" algorithm="SHA-512" iterations="1000000" saltLength="20" />
   </Realm>
</Context>

What can I put in an action listener to be able to do something like:


String passwordHash = credentialHandler.mutate(newPassword)

where credentialHandler is a CredentialHandler instance that applies to the request being processed.

The point is to have the configuration in one place, the context configuration instead of duplicating the configuration in the context configuration and in the code generating and storing a new hash.

Aucun commentaire:

Enregistrer un commentaire