From: Klotz Jr, Dennis [mailto:[EMAIL PROTECTED]
Subject: RE: can JNDIRealm connectionPassword be encrypted?
To me and my co-workers that login still represents a large
security risk if someone can gain access to the file
server.xml.
If someone can gain access to server.xml, you
From: Klotz Jr, Dennis [mailto:[EMAIL PROTECTED]
Subject: RE: can JNDIRealm connectionPassword be encrypted?
Right now we have the tomcat instance running as a tomcat:tomcat user
and group.
And, I hope, you have permissions for everything in Tomcat's directories
set to 750, and very, very
