-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Kevin,
Kevin Nash wrote: > I have a data resource defined in the server.xml and I wish to [encrypt the] > database > password. This question comes up occasionally. Things to consider: 1. If you encrypt the password in context.xml, where will you store the password for your encryption key to decrypt it? 2. If you encrypt your decryption key for step 1, where will you put the password for your encryption key to decrypt it? 3. See step 2. The only way to break this cycle is to provide a password manually (say, from the console) during application or app-server startup. That precludes unattended restarts, which is basically a deal-breaker for a production system. Have I convinced you yet? ;) Hope that helps, - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkkcZHYACgkQ9CaO5/Lv0PB1ewCgtR+U61tuj6A32OIpSobDmuaI rtgAnRgFIyrZZvttFuqjxLFIAYS4oYm6 =Ms7O -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
