That's a different issue, Joe. SSL encrypts the flow, and is not specific to
Cocoon. I wouldn't expect Cocoon to handle this. I'm wanting to encrypt the
passwords (or other sensitive data) in the actual XML files, as, for example,
Apache does with its htpasswd files. IMO, all passwords should b
I'm going to answer this in terms of an SSL connection
from a client to your webserver (Apache or Tomcat, etc)...
In the Tomcat documentation it states that when an SSL
connection is made, the connection is encrypted from the
client to the webserver as in any normal webserver
situation. The
On Friday 15 Mar 2002 11:07 pm, Vadim Gritsenko wrote:
>
> How do you handle plain text DB password in the weblogic's config.xml
> file? Or in the JRun server's local.properties file? Or Tomcat's
> server.xml?
I don't. I don't use weblogic or jrun, nor do I have passwords in server.xml
> I guess
> From: Peter Robins [mailto:[EMAIL PROTECTED]]
>
> Altho I can put most of my sensitive data in an RDBMS with proper
security,
> when I see things like db passwords lying around in non-secure XML
files,
> which can easily be referenced programmatically, then alarm bells
start
> ringing. I haven'
Altho I can put most of my sensitive data in an RDBMS with proper security,
when I see things like db passwords lying around in non-secure XML files,
which can easily be referenced programmatically, then alarm bells start
ringing. I haven't found any reference anywhere to encrypting data elemen