tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Markus Bengts <>
Subject Re: encrypt passwords for JNDI Resources (Datasource specifically)
Date Fri, 02 Aug 2002 20:55:06 GMT
On Fri, 2 Aug 2002, Jacob Kjome wrote:

> Can someone comment on this?  I'd really like to know if I can digest
> the passwords that I use for my configuration in the Server.xml for
> DBCP Datasources.  Is it possible?  If not, is it planned?

> Thursday, August 01, 2002, 1:00:16 PM, you wrote:
> JK> Seems to me someone wrote about this before, but I can't find it.  I'm
> JK> wondering if passwords can be digested in JNDI Resource configuration
> JK> just like one can in the Realm configurations?  I'd rather not store
> JK> the password for my database in cleartext.  The Resource docs don't
> JK> seem to mention anything about digesting passwords.  Is it not
> JK> possible?  If not now, is this feature planned?  I'm using
> JK> Tomcat-4.1.8.
> JK> Jake

I am not really sure what you are talking about, but if you store a
password that you will later use to connect to a database, you cannot
store a digest. There is no way a program can reproduce the password it
needs when connecting if it has just a digest. With digests you can only
check that a submitted password produces the same digest.


To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message