How to encrypt tomcat user password in tomcat-users.xml

This  KB describes how to encrypt the Datasource password in  tomcat-users.xml for Apache Tomcat. You can follow these steps to configure  Tomcat with password encryption. If you are using an updated tomcat version which is later then  6.0.26 these steps will fix your problem.

Step 1: Edit  server.xml

-add the diggest option to Realm line at server.xml which is located under conf directory.


<Realm className="org.apache.catalina.realm.LockOutRealm">



<Realm className="org.apache.catalina.realm.LockOutRealm" digest="md5">

Step 2:Create  encrypted password


#/appdata/apache-tomcat/bin/ -a SHA test

Step 3:Replace the user's password to an encrypted one.

-Replace value of user's "password" attribute in your tomcat-users.xml to <ENCRYPTED_PASSWORD>


I'm a IT Infrastructure and Operations Architect with extensive experience and administration skills and works for Turk Telekom. I provide hardware and software support for the IT Infrastructure and Operations tasks.

205 Total Posts
Follow Me

Related Post