WEB-INF is privete directory, no one outside could access it. So, storing username and pass there is totally secured, but i have never tried it. As i told you it is secured dont warry.
Sean wrote: > So, not to be paranoid or anything, but there are no tricks or > anything to get into the WEB-INF folder and beyond? If I try to access > it from a browser I do get the 403 (FORBIDDEN) error, I just want to > make sure there's no quick turn around for that. I guess I lied, I am > paranoid. Thanks for your help! > > On Jun 9, 7:55 am, mnenchev <nenchev.mari...@gmail.com> wrote: > >> Every thing witch is in your server package is on the server, so no one >> could access your private data. It is like in hibernate, that has >> hibernate config file where the user and pass are stored. This config >> file is on the server and no one has access to it. >> >> Sean wrote: >> >>> In regards to using RPC's to access a database, I am worried about >>> security. I'd love to use an RPC to access a DB, but what I can't >>> figure out is how to store the name and pw of the DB. I'm afraid if I >>> put it right in the code someone could just read it. If I try to read >>> it from a file, I'm afraid that they will see the path to the file and >>> read it. >>> >>> Is it secure enough to put the PW in a locked directory from the >>> outside world and read it? I'm afraid it'd be too easy to break in. >>> How do you do it? >>> > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to Google-Web-Toolkit@googlegroups.com To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---