This is a kind of funny (sorry) "battle of the bulge" problem.
Malicious systems administrators (we assume everyone is guilty and it
drives this kind of issue) will find the password to your database,
and, ignoring everything else on the machine they just exploited, will
go and query your database
On 16/09/2019 07:24, Olaf Kock wrote:
>
> On 16.09.19 06:05, Mohan T wrote:
>> Hi,
>>
>> We are using tomcat 8.5.35, on Red Hat Enterprise Linux Server release 7.4.
>>
>> Is it possible to encrypt or mask passwords that is being used in the
>> datasource for connecting to database. I am mentionin
On 16.09.19 08:24, Olaf Kock wrote:
> If someone has access to the old Wiki's information, it'd be a great
> page to restore.
>
"Do you really want to send this mail?" - "Of course" - "so be it" - m(
Facepalm:
It takes the steps above to think of a way of accessing the old content:
Here it is, c
On 16.09.19 06:05, Mohan T wrote:
> Hi,
>
> We are using tomcat 8.5.35, on Red Hat Enterprise Linux Server release 7.4.
>
> Is it possible to encrypt or mask passwords that is being used in the
> datasource for connecting to database. I am mentioning the credentials in
> server.xml
There used
On 01/04/2011 15:47, Henry Lu wrote:
> I tried the following command and failed as tomcat home directory:
Please don't hijack threads.
p
signature.asc
Description: OpenPGP digital signature
In Tomcat 7 you will need lib/tomcat-util.jar. The following works:
java -cp bin/tomcat-juli.jar;lib/catalina.jar;lib/tomcat-util.jar
org.apache.catalina.realm.RealmBase -a md5 foo
I updated the docs:
http://svn.apache.org/viewvc?rev=1087791&view=rev
Best regards,
Konstantin Kolinko
2011/4/1 Pa
Do you have org.apache.tomcat.util.res.StringManager on your classpath?
It's in tomcat-coyote.jar in my installation (6.0.18).
Paul
On Fri, Apr 1, 2011 at 10:47 AM, Henry Lu wrote:
> I tried the following command and failed as tomcat home directory:
>
>
> C:\apps\apache-tomcat-7.0.11>java -c
Is there anyway we can encrypt password for JNDI Data source in
context.xml ?
Ravi
Take a look at the very final section in this article http://
www.owasp.org/index.php/Securing_tomcat
The short answer, no.
-
To start a
