Emerson, > - Being in plain text in server.xml (as configured for tomcat) Protect the file with permissions.
> - Read the web.xml by a standalone app and encript the password, in my > connection servlet I read it and decritp it. > > - Have a separate file for each pool, this file,encripted, would contain > info about each pool. If I can read the server.xml then I can read your .class file the decrypts it and thus can still get your password. > > BTW, is there any way to use the same pool for more than one app, using > tomcat pool configuration ??? GlobalNamingResources Search the archives for both of these subjects as they have been discussed often. Doug --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]