[Tomcat-users] dbcp datasource encryption

Filip Hanik
Apr 23, 2012 at 5:50 pm

----- Original Message -----


In short, no.

Encrypting your database, database user, and database password buys
you virtually (and most people would say actually) nothing.
"virtually nothing" is the opposite of what I would call it. What about compliance, this is HUGE for companies, and not to be discarded as an unimportant requirement


If you wish to implement password obfuscator/deobfuscator yourself, you can set the
org.apache.tomcat.util.digester.PROPERTY_SOURCE system property to a class that deobfuscates your password for you

reference: http://tomcat.apache.org/tomcat-7.0-doc/config/systemprops.html

To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Search Discussions

Discussion Posts


Follow ups

Related Discussions