tomcat-users mailing list archives

From Mohamed Tagari <tag...@ebi.ac.uk>
Subject Re: security of server.xml
Date Thu, 05 Jun 2003 15:04:43 GMT
Hi,

The database contains sensitive information and so the password and
username should not be available even as read only.

Due to the sensitivity of the data it could be seen as viable to recompile
the code, and redeploy your application.

mo

On Thu, 5 Jun 2003, John Turner wrote:

> 
> Well, if you put it in code, then every time it changes you need to recompile 
> your code, and redeploy your application.
> 
> If you put it in server.xml, you don't ever have to do that.
> 
> The security on server.xml is easy:
> 
> chmod 700 TOMCAT_USER
> 
> TOMCAT_USER = whatever user Tomcat runs as
> 
> John
> 
> On Thu, 5 Jun 2003 10:40:21 +0100 (BST), Mohamed Tagari <tagari@ebi.ac.uk> 
> wrote:
> 
> > Hi,
> >
> > Is there any way of taking the password and username for connecting to a 
> > database out of the server.xml, and placing it in code before the lookup 
> > is done on this? As having the username and password as plain text is 
> > not very secure.
> >
> > // java code
> > Context init = new InitialContext();
> > Context ctx = (Context) init.lookup("java:comp/env");
> > DataSource ds = (DataSource) ctx.lookup("jdbc/myoracle");
> >
> >
> >
> > // extract from server.xml
> > <Resource name="jdbc/myoracle" auth="Container"
> > type="javax.sql.DataSource"/>
> >
> > <ResourceParams name="jdbc/myoracle">
> > .
> > .
> > .
> > <parameter>
> > <name>username</name>
> > <value>scott</value>
> > </parameter>
> > <parameter>
> > <name>password</name>
> > <value>tiger</value>
> > </parameter>
> > .
> > .
> > </ResourceParams>
> >
> > mo
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> >
> 
> 
> 
> -- 
> Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
> 


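The thread above weighs leaving the DataSource credentials in server.xml and relying on file permissions. As an added example that is not part of the original messages, this script audits that protection: it checks that the file is owned by the account Tomcat runs as and grants nothing to group or other. The function name `check_server_xml` and the demo file are constructed for illustration; the owner account is passed as an argument.

```shell
#!/bin/sh
# Added example (not from the thread): audit a Tomcat server.xml that
# carries plaintext JNDI DataSource credentials.

# check_server_xml FILE OWNER   (hypothetical helper name)
#   returns 0 = owned by OWNER with no group/other access, 1 = finding, 2 = missing
check_server_xml() {
    cfg=$1
    want_owner=$2
    [ -f "$cfg" ] || { echo "MISSING  $cfg"; return 2; }

    # POSIX `ls -ld` output: field 1 is the mode string, field 3 the owner.
    mode=$(ls -ld "$cfg" | awk '{print $1}')
    have_owner=$(ls -ld "$cfg" | awk '{print $3}')
    # Characters 5-10 of the mode string are the group and other bits.
    go_bits=$(printf '%s' "$mode" | cut -c5-10)
    status=0
    if [ "$have_owner" != "$want_owner" ]; then
        echo "FAIL  $cfg owned by $have_owner, expected $want_owner"
        status=1
    fi
    if [ "$go_bits" != "------" ]; then
        echo "FAIL  $cfg mode $mode grants group/other access"
        status=1
    fi
    # Element layout taken from the <ResourceParams> extract in the thread.
    if grep -q '<name>password</name>' "$cfg"; then
        echo "NOTE  $cfg contains a plaintext password parameter"
    fi
    [ "$status" -eq 0 ] && echo "OK    $cfg ($mode, $have_owner)"
    return "$status"
}

# Demo on a constructed file. The current user stands in for the Tomcat
# account; a real run passes the account Tomcat actually runs as.
demo_dir=$(mktemp -d)
me=$(id -un 2>/dev/null || id -u)
cat > "$demo_dir/server.xml" <<'EOF'
<ResourceParams name="jdbc/myoracle">
  <parameter><name>username</name><value>scott</value></parameter>
  <parameter><name>password</name><value>tiger</value></parameter>
</ResourceParams>
EOF
chmod 644 "$demo_dir/server.xml"
check_server_xml "$demo_dir/server.xml" "$me" || true   # FAIL: world-readable
chmod 600 "$demo_dir/server.xml"
check_server_xml "$demo_dir/server.xml" "$me" || true   # OK
rm -rf "$demo_dir"
```

The check covers only the file itself; backups, version-control copies and the directories above it need the same ownership and mode to keep the credentials private.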

