tomcat-users mailing list archives

From Christopher Schultz <>
Subject Re: Encrypting passwords in the connection pool setup
Date Tue, 01 May 2007 15:49:21 GMT


Richard DeGrande wrote:
> The ability to store encrypted passwords doesn't necessarily have to
> be used to protect the system from hackers.  This would be a GREAT
> feature to enforce the responsibilities between different roles in a
> development environment.

I solve this problem by using a replaceable set of credentials in the
context.xml file (where I set up my connection pool). When I deploy
using ant, the values are pulled in from ~/ which can be
set per user. In production, the installing user has their own set of
credentials. The creds are left out of revision tracking, so "mere"
developers never know the production creds.

> Also, the encryption doesn't have to be
> foolproof, it just needs to be a deterrent.

The point is that encryption such as this only protects against
accidental disclosure of a password. The password must be decrypted
using a key which is in plain text, so there's no effective security.

> For the most part it is
> the people with shell access that I want to remove the ability to
> read the passwords from.

Then make your files readable only by the user under which Tomcat is run.

> Sometimes security through obscurity is enough.

No. Security through obscurity only protects against accidental
disclosure among friendly users. There are better ways to achieve this
goal (such as using file permissions).

The bottom line is that I don't know of any connection pool that
supports encrypted passwords in the configuration, so this discussion is
entirely academic.

- -chris
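The file-permission advice above is the one part of this thread that can be checked mechanically. The following audit helper is an added example and is not code from the thread or from Tomcat; it assumes a service account name (`tomcat` in the usage note) and a configuration path that you supply, and uses GNU `stat` with a BSD/macOS fallback. It reports a file that is owned by someone other than the service user or that carries a group or world read bit, which is exactly the condition Chris says defeats "people with shell access" reading the pool credentials.

```shell
#!/bin/sh
# Audit helper (added example, not part of the original thread): verify that
# a Tomcat configuration file holding connection-pool credentials is owned by
# the Tomcat service account and is not readable by group or other.

# Print "<octal mode> <owner>" for a file; GNU stat first, BSD/macOS fallback.
file_mode_owner() {
    stat -c '%a %U' "$1" 2>/dev/null || stat -f '%Lp %Su' "$1"
}

# check_config_perms FILE EXPECTED_OWNER
# Returns 0 when only the owner can read FILE and the owner is EXPECTED_OWNER;
# otherwise prints each finding and returns 1.
check_config_perms() {
    file=$1
    expected_owner=$2
    [ -f "$file" ] || { echo "MISSING: $file"; return 1; }

    set -- $(file_mode_owner "$file")
    mode=$1
    owner=$2

    # Keep the last three octal digits (drops a leading setuid/setgid/sticky digit).
    perms=${mode#"${mode%???}"}
    group_digit=$(printf '%s' "$perms" | cut -c2)
    other_digit=$(printf '%s' "$perms" | cut -c3)

    status=0
    if [ "$owner" != "$expected_owner" ]; then
        echo "OWNER: $file is owned by $owner, expected $expected_owner"
        status=1
    fi
    # A digit of 4..7 means the read bit (4) is set for that class.
    case "$group_digit" in
        4|5|6|7) echo "GROUP-READABLE: $file (mode $perms)"; status=1 ;;
    esac
    case "$other_digit" in
        4|5|6|7) echo "WORLD-READABLE: $file (mode $perms)"; status=1 ;;
    esac
    return "$status"
}
```

Typical use, with the assumed service account and an assumed path: `check_config_perms /path/to/tomcat/conf/context.xml tomcat`. A mode of 600 owned by the service account passes; 640 or 644 fails, even though the file is otherwise fine, because any other login on the box could read the plaintext credentials.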

