Search code examples
mysqltomcatbcrypttomcat9

How to configure DataSourceRealm with bcrypt


I am looking for some tips how I can configure a DataSourceRealm with an MySQL database including bcrypt-hashed passwords. Unfortunately, I am already struggling with getting the DataSource running - even with clear text passwords.

I have edited the conf/context.xml and added the DataSource as follows:

<Context>
[...]
<Resource name="jdbc/MYRESOURCE" auth="Container" type="javax.sql.DataSource"
maxTotal="100" maxIdle="30" maxWaitMillis="10000"
username="USER" password="PASSWORD" driverClassName="com.mysql.jdbc.Driver"
url="jdbc:mysql://my.database.com:3306/DATABASE?useUnicode=true&amp;characterEncoding=UTF-8&amp;serverTimezone=UTC&amp;verifyServerCertificate=false&amp;useSSL=true&amp;requireSSL=true&amp;autoReconnect=true" />
</Context>

The server.xml contains the Realm as follows:

<Realm className="org.apache.catalina.realm.DataSourceRealm"
dataSourceName="jdbc/MYRESOURCE"
userTable="myuser" userNameCol="username" userCredCol="password"
userRoleTable="myuser_roles" roleNameCol="role"/>

When I start the Tomcat, it says that my context "jdbc/MYRESOURCE" is not found.

I also tried to add another to the conf/context.xml which results in the Tomcat is not starting at all. Also same, if I add the into the of the conf/server.xml

What is wrong here? Can somebody help?


Solution

  • After some research I found a custom integration on GitHub, which supports bcrypt passwords.

    I just put the JAR into the 'lib' directory and switched the standard "MessageDigestCredentialHandler" to the new "BCryptoCredentialHandler" as described on GitHub.

    https://github.com/andreacomo/tomcat-bcrypt/