Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
i m using HTTP Digest to connect to my Spring application, using the Spring DigestAuthenticationFilter.
The application is using Tomcat 7.
It works fine with plaintext password (in the database)
My problem is : i want to store the hashed passwords (with a salt if possible), and not in plaintext. But if i understood well, HTTP Digest requires the password to be in plaintext.
Is there a way to change this in Spring Security ?
No, this is not changeable, atleast at the time of writing this. The Spring Security documentation on Digest Authentication states the following, where is it quite evident that the passwords have to be in clear text.