RE: Convention for keeping passwords out of struts.xml

ruts Users Mailing List Subject: Re: Convention for keeping passwords out of struts.xml Jim Kiley wrote: > Dave's right -- a good choice here is to keep that kind of data in a server > settings config file, and set up your application to pull the database > context info out of the

Re: Convention for keeping passwords out of struts.xml

Jim Kiley wrote: Dave's right -- a good choice here is to keep that kind of data in a server settings config file, and set up your application to pull the database context info out of the JNDI context. Check out http://tomcat.apache.org/tomcat-5.5-doc/index.html

Re: Convention for keeping passwords out of struts.xml

rch 12, 2009 2:40 PM > To: Struts Users Mailing List > Subject: Re: Convention for keeping passwords out of struts.xml > > Security Management wrote: > > What's the convention for keeping database settings out of struts.xml? > > Hmm, I guess I never even consider

RE: Convention for keeping passwords out of struts.xml

--Original Message- From: Dave Newton [mailto:newton.d...@yahoo.com] Sent: Thursday, March 12, 2009 2:40 PM To: Struts Users Mailing List Subject: Re: Convention for keeping passwords out of struts.xml Security Management wrote: > What's the convention for keeping database settings out o

Re: Convention for keeping passwords out of struts.xml

Security Management wrote: What's the convention for keeping database settings out of struts.xml? Hmm, I guess I never even considered putting them in there. JNDI, Spring, and property files are the obvious choices, most DB technologies support creating a datasource in their own config as wel

Convention for keeping passwords out of struts.xml

What's the general convention for keeping database settings out of struts.xml? I have an app that will be sent to people that already have a database setup, and they need to specify the hostname, username, etc. I need ideas on how to store this outside of the war that I send. Can anyone help, I