tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emerson Cargnin <emer...@tre-sc.gov.br>
Subject Re: any standart way to keep passwords encripted???
Date Fri, 02 Apr 2004 23:06:52 GMT

Parsons Technical Services wrote:
> Emerson,
> 
> 
>>- Being in plain text in server.xml (as configured for tomcat)
> 
> Protect the file with permissions.
> 
> 
> 
>>- Read the web.xml by a standalone app and encript the password, in my
>>connection servlet I read it and decritp it.
>>
>>- Have a separate file for each pool, this file,encripted, would contain
>>info about each pool.
> 
> If I can read the server.xml then I can read your .class file the decrypts
> it and thus can still get your password.
I still can use certificate to encript decript...
> 
> 
> 
>>BTW, is there any way to use the same pool for more than one app, using
>>tomcat pool configuration ???
> 
> GlobalNamingResources
> 
> 
> Search the archives for both of these subjects as they have been discussed
> often.
> 
> Doug
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 


-- 
Emerson Cargnin
Analista de Sistemas
Setor de Desenvolvimento de Sistemas - TRE-SC
tel : (048) - 251-3700 - Ramal 3181

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message