ApacheCon North America will be held at the Intercontinetal Miami in Miami, Florida. Register now for the event taking place May 16-18, 2017. 
Back To Schedule
Tuesday, May 16 • 12:05pm - 12:55pm
Seamless Upgrades for Credential Security in Apache Tomcat - Christopher Schultz, Total Child Health, Inc.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Clear-text credentials (user passwords) were never a good idea. Not only are both MD5 and SHA1 now dead, even more modern hashing algorithms aren't appropriate for credential storage in an era of hash-lookup sites. Some recent additions to Apache Tomcat have made it easier to use more secure credential-storage mechanisms along with container-managed security. They can even be used to seamlessly upgrade from older, less-secure algorithms to newer, more secure ones. We'll investigate the modifications to Tomcat that allow developers and operations staff to use these features, and look at how to actually plug custom credentials-handling mechanisms into an existing Tomcat-based application.

avatar for Christopher Schultz

Christopher Schultz

Chief Technology Officer, Total Child Health, Inc.
Christopher Schultz is the CTO of Total Child Health, Inc. where he leads a small team of engineers to build server-side healthcare-related software in Java. Chris is an ASF Member active in the Apache Tomcat and Velocity communities as well as a committer on both projects, and Tomcat... Read More →

Tuesday May 16, 2017 12:05pm - 12:55pm EDT