sorry about that. Did not realize I was doing it.

 

William
 
> Date: Thu, 14 Jan 2010 18:00:46 +0000
> From: ma...@apache.org
> To: users@tomcat.apache.org
> Subject: Re: How to encrypt password in Data Source Declaration
> 
> Please do not hijack threads.
> 
> To ask a new question, create a new message. Do not reply to an old one
> (even if you change the subject).
> 
> Mark
> 
> On 14/01/2010 17:54, WM C wrote:
> > 
> > Hi All -
> > 
> > 
> > 
> > Sorry if this question seems dumb, but here it is:
> > 
> > 
> > 
> > In the data source declaration, database username, password needs to be 
> > provided, and they are in plain text!
> > 
> > 
> > 
> > For the application, data source works fine, but I feel it is really not 
> > safe - anybody who can access the server can see the password, plus the 
> > fact that the file need to be upload to a source control repository - 
> > password becomes an open secret, if it's still a sceret :(
> > 
> > 
> > 
> > Is there a good/generalized way to handle this (and any similar cases 
> > invloving password in xml configuration file)
> > 
> > 
> > 
> > Thanks a lot,
> > 
> > William 
> > 
> > _________________________________________________________________
> > Hotmail: Powerful Free email with security by Microsoft.
> > http://clk.atdmt.com/GBL/go/196390710/direct/01/
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 
                                          
_________________________________________________________________
Hotmail: Trusted email with Microsoft’s powerful SPAM protection.
http://clk.atdmt.com/GBL/go/196390706/direct/01/

Reply via email to