tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Caldarale, Charles R" <Chuck.Caldar...@unisys.com>
Subject RE: Query on Tomcat Server.xml
Date Mon, 31 Aug 2009 14:08:07 GMT
> From: Tk, Pramod (NSN - IN/Bangalore) [mailto:pramod.tk@nsn.com]
> Subject: Query on Tomcat Server.xml
> 
> I presume this type of hardcoding in server.xml is security loop hole.

Not really.

If you don't put the password in server.xml, where are you going to put it?  The server.xml
file can have the same access constraints applied to it as any other location for the password.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus
for use only by the intended recipient. If you received this in error, please contact the
sender and delete the e-mail and its attachments from all computers.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message