Hi,
Is there any way of instantiating the password and username parameters for connecting to a database in the application code rather than having it as plain text in the server.xml.
As having the username and password as plain text is not very secure..
Any help/information will be apprectiated..
ok store the username/password as an encrypted text string and use the JAAS API to a: encrypt it in the first place, and b: read it back into the the application from the encrypted text string in the server.xml file.
I was looking into this myself (not using tomcat but in another Oracle/Java project), but the time it would take for me to implement and test the secure/encrypted version (2 days including test) was deemed to be not worthwhile. C'est la vie.
Kev
<parameter>
<name>username</name>
<value>scott</value>
</parameter>
<parameter>
<name>password</name>
<value>tiger</value>
</parameter>
especially the default scott/tiger :)
--
"To be governed is to be watched over, inspected, spied on, directed, legislated..." - Pierre-Joseph Proudhon
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
