Thanks for the links.  But in answer to the issues below:

chmod 600 is not sufficient because the admin of my website should not be able 
to see the passwords either.  And if you're using a web hosting service, all 
the more reason.

The decryption algorithm may need a license key which is installed only on that 
machine, so copying the contents of the lib folder may not be sufficient.  
Though I have to admit, mine is not that complex!


--- On Sun, 12/7/08, Kees Jan Koster <[EMAIL PROTECTED]> wrote:

> From: Kees Jan Koster <[EMAIL PROTECTED]>
> Subject: Re: configure JNDI to avoid error "Last packet sent to the server 
> was xxxxx ms ago"
> To: "Tomcat Users List" <users@tomcat.apache.org>
> Date: Sunday, December 7, 2008, 12:39 AM

> Hmm. Lots of trouble for a file that you can just chmod 600 to avoid
> this whole issue. But that's just how I do this.
>
> You realize of course that this is precisely as safe as storing a
> plain-text password. I mean, if I can read this file with the encrypted
> password, I can see that you use a non-standard MySQL driver. So I
> would just download the contents of your Tomcat's lib directories. I
> presume they have the same directory and file permissions as the data
> source config file.
>
> I don't care what the password is. I just copy your config, plop the
> contents of your Tomcat's lib dir into mine and I can connect to your
> database just fine.


