I trust the people in the company, but the company's work is with sites that
any user all over the internet can access. so we want to perform a damage
control if some hacker would gain access to our web server, so if he can -
he won't get access to the DB, at least not with our help of displaying the
user and password to access the DB :].


2011/2/23 Christopher Schultz <ch...@christopherschultz.net>

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> הילה,
>
> On 2/23/2011 2:06 AM, הילה wrote:
> > I've posted my problem in the sourceforge forums, but no comments have
> > received so far. :(
> >
> > If you have any suggestions to replace this, another way to authenticate
> the
> > tomcat to the DB with user and password that do not appear in clear text,
> > I'll be glad to hear about it.
>
> May I ask what the problem is with cleartext credentials in the
> configuration file? Don't you trust Microsoft Windows file permissions
> and your own administrators?
>
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk1lJtgACgkQ9CaO5/Lv0PCj/wCgpM+WD+3V7Pf80Uu7Ys4C81+d
> WokAoLGcwA2jgVeEpgTgKXgOwLgyaut8
> =xFOL
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Reply via email to