tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brett Parsons" <>
Subject Securing Tomcat Context Descriptor
Date Fri, 19 Aug 2005 18:45:32 GMT
Hi All,

There is a requirement on the server that we have Tomcat 5.0.28 deployed 
that no username/password information can be stored in plaintext (in the 
open).  Like many people, we are using JNDI datasources in our web 
application.  The datasource connection information (including the database 
username/password) is stored in the Tomcat Context Descriptor under 

Does Tomcat provide a more secure way of storing the connection information 
stored in these context deployment descriptors?  Has anyone else run into 
the same problem and been able to solve it somehow?



To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message