tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Filip Hanik Mailing Lists <devli...@hanik.com>
Subject Re: dbcp datasource encryption
Date Mon, 23 Apr 2012 17:47:13 GMT


----- Original Message -----

> 
> http://wiki.apache.org/tomcat/FAQ/Password
> 
> 
> In short, no.
> 
> Encrypting your database, database user, and database password buys
> you virtually (and most people would say actually) nothing.

"virtually nothing" is the opposite of what I would call it. What about compliance, this is
HUGE for companies, and not to be discarded as an unimportant requirement

http://tomcat.markmail.org/thread/wmdu4e52y2msjzal

If you wish to implement password obfuscator/deobfuscator yourself, you can set the 
org.apache.tomcat.util.digester.PROPERTY_SOURCE system property to a class that deobfuscates
your password for you

reference: http://tomcat.apache.org/tomcat-7.0-doc/config/systemprops.html


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message