tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Parsons Technical Services" <parsonstechni...@earthlink.net>
Subject Re: any standart way to keep passwords encripted???
Date Sat, 03 Apr 2004 01:10:57 GMT
> > If I can read the server.xml then I can read your .class file the
decrypts
> > it and thus can still get your password.
> I still can use certificate to encript decript...

And if I am in control of the server, then I have access to that certificate
as well.

The point is simply that with proper permissions your password is as safe as
it needs to be. If someone gets to it, you have way bigger problems on your
hands.

Doug



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message