Why are plain text passwords in the config files? Because there is no good
way to "secure" them. When Tomcat needs to connect to a database, it needs
the original password. While the password could be encoded, there still
needs to be a mechanism to decode it. And since the source to Tomcat is
freel
On 30/01/2014 09:46, Ja kub wrote:
> is it possible not to write keystorePass in open text server.xml, and make
> tomcat to ask for it at startup ?
> or specify only some hash of it (rather not possible) ?
http://wiki.apache.org/tomcat/FAQ/Password
Mark
--
is it possible not to write keystorePass in open text server.xml, and make
tomcat to ask for it at startup ?
or specify only some hash of it (rather not possible) ?
BR
J.
