tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Filip Hanik Mailing Lists <>
Subject Re: dbcp datasource encryption
Date Mon, 23 Apr 2012 17:47:13 GMT

----- Original Message -----

> In short, no.
> Encrypting your database, database user, and database password buys
> you virtually (and most people would say actually) nothing.

"virtually nothing" is the opposite of what I would call it. What about compliance, this is
HUGE for companies, and not to be discarded as an unimportant requirement

If you wish to implement password obfuscator/deobfuscator yourself, you can set the 
org.apache.tomcat.util.digester.PROPERTY_SOURCE system property to a class that deobfuscates
your password for you


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message