In Web.xml file, Digest authentication is the best alternative to basic authentication process since it sends passwords across the working networks in a more stringently encoded form and stores passwords on disk that way as well. As a user, you need to use the container-managed digest authentication with a login-config element. Below quoted is the source code to execute the Digest Authentication settings in the Tomcat.
Define the Members-only area, by defining a "Security Constraint" on this Application, and mapping it to the subdirectory (URL) that we want to restrict.
< security-constraint >
< web-resource-collection >
< web-resource-name >
< /web-resource-name >
< url-pattern >/members/*< /url-pattern >
< /web-resource-collection >
< auth-constraint >
< /auth-constraint >
< /security-constraint >
< login-config >
< auth-method>DIGEST< /auth-method >
< realm-name >My Club Members-only Area< /realm-name >
< /login-config >