Martin Dubuc wrote:
I am defining a number of JNDI resources in the
server.xml file in the GlobalNamingResources section.
As part of defining JDBC resources in this section,
the username and password attributes are specified.
The password is specified as clear text. I am
wondering if there are ways to encrypt the passwords
used for the JDBC resources or if it is possible not
Well, you have to give credentials someplace, server.xml seams like a
good place to do it. It can be made unreadable by users other than tomcat.
to define at all, but provide it in the Java sources
instead.
??? Isn't that stupid?
Sorry for lashing out, but one of the ideas of defining a JNDI resource
IS the ability to move connection credentials, among other things, OUT
of your source. Why would you want every developer on your team
(including those 20 in India) to know your user/pass for the DB? What is
the benefit?
Nix.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
