Just make make config.xml readable only by the account running the Jamesserver.
Works fine technically. The trouble is that copies of files containing secure information do proliferate - as backups, in test environments, in support requests, etc. Having sensitive information, such as passwords, encrypted gives a level of protection in such cases.
Every application that connects to the database has the same issue. I don't know of any web-app containers (Java or Python or Perl or PHP or any other language) that does anything special about storing the account information, unless you want to do everything on NT and do trusted connections.
-- Serge Knystautas President Lokitech >> software . strategy . design >> http://www.lokitech.com p. 301.656.5501 e. [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
