Move cocoon.xconf to WEB-INF/cocoon.xconf, as in latest Cocoon versions. This is a bit more secure location then before.
Vadim -----Original Message----- From: Tsui, Alban [mailto:[EMAIL PROTECTED]] Sent: Friday, June 28, 2002 10:32 AM To: [EMAIL PROTECTED] Subject: Security in cocoon.xconf? I have setup database connection in cocoon.xconf but the username and password are required in cocoon.xconf. How secure if cocoon.xconf? Will crashes or any tricks expose this information to the clients or other servlets? If so, any measure that I can take to hide such information? I am using cocoon 2.0.1. Alban This message may contain privileged and/or confidential information. If you have received this e-mail in error or are not the intended recipient, you may not use, copy, disseminate or distribute it; do not open any attachments, delete it immediately from your system and notify the sender promptly by e-mail that you have done so. Thank you. --------------------------------------------------------------------- Please check that your question has not already been answered in the FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> To unsubscribe, e-mail: <[EMAIL PROTECTED]> For additional commands, e-mail: <[EMAIL PROTECTED]>
