https://issues.apache.org/bugzilla/show_bug.cgi?id=51966
--- Comment #3 from Adam Caldwell <accaldw...@west.com> 2011-10-05 22:16:39 UTC --- Thank you for the great feedback. The salt isn't part of the users password. If you look at the digest method that's used to generate the encoded password, it is 4 random bytes. The ssha name is the same name/4 random byte method that is already used in the ldap code. My need for this stems from a weblogic to tomcat conversion we are doing. Weblogic uses the same 4-byte random method. I do like the idea of hard-coding less though so that you could use salts with any algorithm. I'll see what I can come up with. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
