I trust the people in the company, but the company's work is with sites that any user all over the internet can access. so we want to perform a damage control if some hacker would gain access to our web server, so if he can - he won't get access to the DB, at least not with our help of displaying the user and password to access the DB :].
2011/2/23 Christopher Schultz <ch...@christopherschultz.net> > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > הילה, > > On 2/23/2011 2:06 AM, הילה wrote: > > I've posted my problem in the sourceforge forums, but no comments have > > received so far. :( > > > > If you have any suggestions to replace this, another way to authenticate > the > > tomcat to the DB with user and password that do not appear in clear text, > > I'll be glad to hear about it. > > May I ask what the problem is with cleartext credentials in the > configuration file? Don't you trust Microsoft Windows file permissions > and your own administrators? > > - -chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAk1lJtgACgkQ9CaO5/Lv0PCj/wCgpM+WD+3V7Pf80Uu7Ys4C81+d > WokAoLGcwA2jgVeEpgTgKXgOwLgyaut8 > =xFOL > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
