tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Curley, Thomas" <thomas.cur...@euroconex.com>
Subject Security Hole - server.xml
Date Wed, 26 Nov 2003 13:47:35 GMT
Hi all,

A direct question arising from a security review :-

 Using a datasource it is possible to remove the 'username', 'password' or at least encrypt
them using someting like MD5


thanks in advance for your info

Thomas







*********************************************************************************************
This email and any attachments are confidential and intended for the sole use of the intended
recipient(s).If you receive this email in error please notify emailadmin@euroconex.com and
delete it from your system. Any unauthorized dissemination, retransmission, or copying of
this email and any attachments is prohibited. Euroconex does not accept any responsibility
for any breach of confidence, which may arise from the use of email. Please note that any
views or opinions presented in this email are solely those of the author and do not necessarily
represent those of the Company. This message has been scanned for known computer viruses.

*********************************************************************************************

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message