You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Nicholas Sushkin <ns...@openfinance.com> on 2011/02/22 18:54:31 UTC

Can datasource password be changed in jdbc-pool?

Hi,

I am checking out the new Tomcat's jdbc-pool. So far it's great. I like JMX 
monitoring feature.

I searched lists and google for how to change database password in the JNDI 
data source and couldn't find anything. Can it be done? 

If not, then can JMX MBean be extended with an operation to set the password 
(write only)? 

Sometimes database passwords change while the application is deployed and it 
would've been nice to update the passwords without redeploying. Also, it would 
eliminate the need to store sensitive passwords in files. I am not sure what 
the security implications of being able to set the password is, but I think 
it's safe, since the JMX connection can be authenticated and secured.

Thanks
-- 
Nicholas Sushkin, Senior Software Engineer, Manager of IT Operations
Open Finance Aggregation eXchange <http://www.aggex.com>

Re: Can datasource password be changed in jdbc-pool?

Posted by Filip Hanik - Dev Lists <de...@hanik.com>.

hi Nicholas,
yes and no. You can change the password by simply doing
DataSource ds = ....
PoolConfiguration pcf = (PoolConfiguration)ds;
pcf.setPassword(...);

however, this change would only take into effect for newly created 
connections, and not the ones already in the pool.
There is some needed support to refresh the pool with configuration 
changes.

I will open a Bugzilla enhancement request, and we can get this implemented.

best
Filip

On 02/22/2011 10:54 AM, Nicholas Sushkin wrote:
> Hi,
>
> I am checking out the new Tomcat's jdbc-pool. So far it's great. I like JMX
> monitoring feature.
>
> I searched lists and google for how to change database password in the JNDI
> data source and couldn't find anything. Can it be done?
>
> If not, then can JMX MBean be extended with an operation to set the password
> (write only)?
>
> Sometimes database passwords change while the application is deployed and it
> would've been nice to update the passwords without redeploying. Also, it would
> eliminate the need to store sensitive passwords in files. I am not sure what
> the security implications of being able to set the password is, but I think
> it's safe, since the JMX connection can be authenticated and secured.
>
> Thanks
>    


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org