----- Original Message -----
> > http://wiki.apache.org/tomcat/FAQ/Password > > > In short, no. > > Encrypting your database, database user, and database password buys > you virtually (and most people would say actually) nothing. "virtually nothing" is the opposite of what I would call it. What about compliance, this is HUGE for companies, and not to be discarded as an unimportant requirement http://tomcat.markmail.org/thread/wmdu4e52y2msjzal If you wish to implement password obfuscator/deobfuscator yourself, you can set the org.apache.tomcat.util.digester.PROPERTY_SOURCE system property to a class that deobfuscates your password for you reference: http://tomcat.apache.org/tomcat-7.0-doc/config/systemprops.html --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org