I will assume you mean protect the file from being read. The easiest way to do that is to assign read/write permission to the file to whoever user is running tomcat and remove all permissions from group. That also assumes that you are running some flavour of Unix, but you could achieve the same with Win32 security.
-----Original Message----- From: Sonny Sukumar [mailto:[EMAIL PROTECTED] Sent: 10 March 2004 01:40 To: [EMAIL PROTECTED] Subject: How to protect server.xml? Hey guys, I have both a keystore password and a database connection user name/password in cleartext in my server.xml file and I don't know how to get around that. In light of this, has anybody come up with a way to protect server.xml? Is there a way to encrypt these passwords? Or perhaps to encrypt the whole server.xml file itself? This has been weighing on my mind for a few months now, and I couldn't find a solution in the mailing list archives. I'd appreciate any help! Tomcat version: 4.1.27 __________________________________ Do you Yahoo!? Yahoo! Search - Find what you're looking for faster http://search.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ________________________________________________________________________ This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs. Note:__________________________________________________________________ This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Jaguar Freight Services and any of its subsidiaries each reserve the right to monitor all e-mail communications through its networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorized to state them to be the views of any such entity. ________________________________________________________________________ This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs.