I thing you can use the Java Security Manager and OS level file
permisssion for this
or wrote your own DataSource JNDI Factory.
Peter
Brett Parsons schrieb:
Hi All,
There is a requirement on the server that we have Tomcat 5.0.28
deployed that no username/password information can be stored
A couple of observations:
- If someone can read the context descriptor they pretty much own
Tomcat and probably the server as well. If this person is unauthorised,
you have big problems regardless of whether or not they have read-only
access to the database.
- If the password is encrypted,
