tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mohamed Tagari <tag...@ebi.ac.uk>
Subject security of server.xml in tomcat
Date Mon, 09 Jun 2003 14:31:49 GMT
Hi,

Is there any way of instantiating the password and username 
parameters for connecting to a database in the application code rather 
than having it as plain text in the server.xml. 

As having the username and password as plain text is not 
very secure..

Any help/information will be apprectiated..

The database will be containing sensitive information, hence all passwords 
and usernames have to be protected..

// java code
Context init = new InitialContext();
Context ctx = (Context) init.lookup("java:comp/env");
DataSource ds = (DataSource) ctx.lookup("jdbc/myoracle");



// extract from server.xml
<Resource name="jdbc/myoracle" auth="Container"
              type="javax.sql.DataSource"/> 

<ResourceParams name="jdbc/myoracle">
    .
    .
    .
  <parameter>
    <name>username</name>
    <value>scott</value>
  </parameter>
  <parameter>
    <name>password</name>
    <value>tiger</value>
  </parameter>
    .
    .
</ResourceParams>

mo



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message