Encrypt passwords in Tomcat-users.xml
1. Open the server.xml located in …\Server\tomcat-*\conf\.
2. Add a CrendentialHandler to the following realm:
org.apache.catalina.realm.UserDatabaseRealm. Should be as follows, replace the bold part with for example SHA-512, SHA-256 or MD5:
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase">
<CredentialHandler className="org.apache.catalina.realm.MessageDigestCredentialHandler" algorithm="SHA-256"/>
</Realm>
3. Start the command prompt in …\Server\tomcat-*\bin\ .
4. Execute the following command to generate the HASH for the password. Replace SHA-256 with the algorithm used in the CrendentialHandler and PASSWORD with the password in tomcat-users.xml (located in …\Server\tomcat-*\conf \):
digest.bat -a SHA-256 -h org.apache.catalina.realm.MessageDigestCredentialHandler PASSWORD
5. Replace the password for the user in question in the tomcat-users.xml with the encrypted password just generated.
6. Restart the web server.
 | For more configuration options about password encryption, see the Tomcat guide: https://tomcat.apache.org/tomcat-9.0-doc/realm-howto.html#Digested_Passwords. |