tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Rossbach ...@objektpark.de>
Subject Re: Securing Tomcat Context Descriptor
Date Sat, 20 Aug 2005 08:30:20 GMT
I thing you can use the Java Security Manager and OS level file 
permisssion for this
or wrote your own DataSource JNDI Factory.

Peter

Brett Parsons schrieb:

> Hi All,
>
> There is a requirement on the server that we have Tomcat 5.0.28 
> deployed that no username/password information can be stored in 
> plaintext (in the open).  Like many people, we are using JNDI 
> datasources in our web application.  The datasource connection 
> information (including the database username/password) is stored in 
> the Tomcat Context Descriptor under 
> TOMCATDIR/conf/Catalina/localhost/myApp.xml.
>
> Does Tomcat provide a more secure way of storing the connection 
> information stored in these context deployment descriptors?  Has 
> anyone else run into the same problem and been able to solve it somehow?
>
> Thanks,
>
> Brett
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
>




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message