After choosing a local security configuration model (oeablSecurity-XXXX-local.xml) for a Web application, you can add, remove, modify users or user authentication settings by updating the $CATALINA_BASE/webapps/webapp_name/users.properties file.
The following shows the syntax of entries in users.properties:
The contents of the users.properties file are included as an example and they are not secure since they are stored as plain text. Typically, for a production server, you would generate hashed and salted passwords, and add the secure passwords to the users.properties file.
You can use the Open Source Jacksum utilities to generate hashed and salted passwords.
