Slightly off topic, but important!

Having seen way too much in terms of hacking and system compromises, 
might I suggest you create another, and far less privileged user than 
root, for accessing mysql.  Unless you've gone into the grant tables 
and created a different mysql superuser and reduced root's priv, then 
the root login to mysql is like root on unix, superuser, God, etc.  If 
multiple users have shell access to the tomcat host system, and those 
same users are not authorized as mysql root, then I know of no way to 
keep unauthorized eyes from looking at the server.xml file other than 
by making it sysroot protected. But to do that, you need to run tomcat 
under root.

If anyone has a good mechanism for securing the server's and/or 
servlet's credential for db access, I'd certainly love to hear it. 
That issue has been my one and only thorn in the side since I began 
switching from perl/cgi (where the solution to that issue is a 
no-brainer) to using tomcat.

-- Rob

--On Thursday, March 01, 2001 10:19:13 AM +0100 [EMAIL PROTECTED] wrote:

>> Hi!
>> My connectionURL in server.xml now looks like this:
>> "jdbc:mysql://localhost/auth?user=root&password=somepassword"
>>
>> and tomcat doesn't start up (although there is no error msg or
>> anything) and when i execute tomcat stop i get the following
>> exception:
>> org.xml.sax.SAXParseException: Next character must be ";" terminating
>> reference to entity "password" and a stack trace follows...
>>
>> why is that?
>
> I guess you should escape the "&" character in your connectionURL by
> replacing it with "&amp;", as the XML parser will parse entities like
> "&lt;" or "&quote;" or things like that...
>
> Try
>
> jdbc:mysql://localhost/auth?user=root&amp;password=somepassword
>
> instead, that should work...
>
> np: Flanger - Nightbeat 1 (Midnight Sound)
>
> ---------------------------------------------------------------------
> Sent through MailGateway - http://www.ssw.uni-linz.ac.at:2000/
> Send or read your emails anywhere.
> ---------------------------------------------------------------------
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, email: [EMAIL PROTECTED]
>




       _ _ _ _           _    _ _ _ _ _
      /\_\_\_\_\        /\_\ /\_\_\_\_\_\
     /\/_/_/_/_/       /\/_/ \/_/_/_/_/_/  QUIDQUID LATINE DICTUM SIT,
    /\/_/__\/_/ __    /\/_/    /\/_/          PROFUNDUM VIDITUR
   /\/_/_/_/_/ /\_\  /\/_/    /\/_/
  /\/_/ \/_/  /\/_/_/\/_/    /\/_/         (Whatever is said in Latin
  \/_/  \/_/  \/_/_/_/_/     \/_/              appears profound)

  Rob Tanner
  McMinnville, Oregon
  [EMAIL PROTECTED]
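
An added example, not part of the original messages or of Tomcat: a small audit script for the two issues raised in this thread, the unescaped "&" that breaks parsing of server.xml and the root credential stored in connectionURL. The Realm element name, the tomcat_ro account and the sample files are constructed for illustration, and the permission check assumes POSIX file modes.

```python
import os
import stat
import tempfile
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlsplit

def audit_server_xml(path):
    """Return a list of findings for one Tomcat server.xml file."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append("file readable by group/other (mode %o)" % mode)
    try:
        root = ET.parse(path).getroot()
    except ET.ParseError as exc:
        # A raw "&" inside an attribute value ends up here, as in the thread.
        findings.append("not well-formed XML: %s" % exc)
        return findings
    for elem in root.iter():
        url = elem.get("connectionURL")
        if not url:
            continue
        # "jdbc:mysql://host/db?..." -> drop the "jdbc:" prefix, then split.
        query = parse_qs(urlsplit(url.split(":", 1)[1]).query)
        if query.get("user") == ["root"]:
            findings.append("connectionURL logs in as MySQL root")
        if "password" in query:
            findings.append("connectionURL embeds a cleartext password")
    return findings

def write_sample(text, mode):
    """Write a constructed sample to a temp file with the given mode."""
    fd, path = tempfile.mkstemp(suffix=".xml")
    with os.fdopen(fd, "w") as fh:
        fh.write(text)
    os.chmod(path, mode)
    return path

# Constructed samples; the element around connectionURL is an assumption.
TEMPLATE = '<Server><Realm connectionURL="jdbc:mysql://localhost/auth?%s"/></Server>'
RAW = TEMPLATE % "user=root&password=somepassword"
ESCAPED = TEMPLATE % "user=root&amp;password=somepassword"
LIMITED = TEMPLATE % "user=tomcat_ro&amp;password=somepassword"  # hypothetical account

if __name__ == "__main__":
    samples = (("raw", RAW, 0o644), ("escaped", ESCAPED, 0o644), ("limited", LIMITED, 0o600))
    for label, text, mode in samples:
        print(label, audit_server_xml(write_sample(text, mode)))
```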

