You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by jmaltais <je...@techie.com> on 2007/06/26 22:09:18 UTC
(More) Hiding Password from server.xml
Hi gang!
I know this has been discussed before. I want to completely remove the
password from the server.xml file. It is only readable by root but that is
not good enough for me.
Some ideas:
* Hardcoding in a JDBC driver but then it can be taken and used by anybody.
* What about a subclassed Datasource with the specific login info there?
The problem is I don't want to have to always need to build tomcat from
source. Anyone have an answer or have tried this before?
More thoughts?
Cheers!
J
--
View this message in context: http://www.nabble.com/%28More%29-Hiding-Password-from-server.xml-tf3984487.html#a11312799
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: (More) Hiding Password from server.xml
Posted by David Smith <dn...@cornell.edu>.
Best I can think of is to write your own class to initialize a db pool
and pull the password from a file encrypted with the server's public key
(assuming it has a ssl cert.). To get the password from such a file
requires the server's private ssl key which should be protected like the
Hope Diamond anyway.
I'll let you do the rest from there or modify it to fit your needs.
--David
jmaltais wrote:
> Hi gang!
>
> I know this has been discussed before. I want to completely remove the
> password from the server.xml file. It is only readable by root but that is
> not good enough for me.
> Some ideas:
> * Hardcoding in a JDBC driver but then it can be taken and used by anybody.
> * What about a subclassed Datasource with the specific login info there?
> The problem is I don't want to have to always need to build tomcat from
> source. Anyone have an answer or have tried this before?
>
> More thoughts?
>
> Cheers!
> J
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org