Re: JDBC Resource Configuration
Good Morning Martin- If I understand your question correctly take a look at JSR-000221 https://jsecom16k.sun.com/ECom/EComActionServlet/DownloadPage:~:com.sun.sunit.sdlc.content.DownloadPageInfo;jsessionid=DDCBE747E2BD2C40EC2CC94C8DDB5F84;jsessionid=DDCBE747E2BD2C40EC2CC94C8DDB5F84 and look at the auth-mechanism provided from resource adapter deployment descriptor (jdbc provider) websphere handles this situation and has some information that will help you http://www-306.ibm.com/software/webservers/appserv/doc/v40/ae/infocenter/was/06061400.html HTH, Martin- - Original Message - From: Martin Dubuc [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Monday, November 28, 2005 9:51 AM Subject: JDBC Resource Configuration I am defining a number of JNDI resources in the server.xml file in the GlobalNamingResources section. As part of defining JDBC resources in this section, the username and password attributes are specified. The password is specified as clear text. I am wondering if there are ways to encrypt the passwords used for the JDBC resources or if it is possible not to define at all, but provide it in the Java sources instead. Martin __ Yahoo! Music Unlimited Access over 1 million songs. Try it free. http://music.yahoo.com/unlimited/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Resource Configuration
Martin Dubuc wrote: I am defining a number of JNDI resources in the server.xml file in the GlobalNamingResources section. As part of defining JDBC resources in this section, the username and password attributes are specified. The password is specified as clear text. I am wondering if there are ways to encrypt the passwords used for the JDBC resources or if it is possible not Well, you have to give credentials someplace, server.xml seams like a good place to do it. It can be made unreadable by users other than tomcat. to define at all, but provide it in the Java sources instead. ??? Isn't that stupid? Sorry for lashing out, but one of the ideas of defining a JNDI resource IS the ability to move connection credentials, among other things, OUT of your source. Why would you want every developer on your team (including those 20 in India) to know your user/pass for the DB? What is the benefit? Nix. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
