FAQ

[Tomcat-users] dbcp datasource encryption

Filip Hanik
Apr 23, 2012 at 5:50 pm

----- Original Message -----


http://wiki.apache.org/tomcat/FAQ/Password


In short, no.

Encrypting your database, database user, and database password buys
you virtually (and most people would say actually) nothing.
"virtually nothing" is the opposite of what I would call it. What about compliance, this is HUGE for companies, and not to be discarded as an unimportant requirement

http://tomcat.markmail.org/thread/wmdu4e52y2msjzal

If you wish to implement password obfuscator/deobfuscator yourself, you can set the
org.apache.tomcat.util.digester.PROPERTY_SOURCE system property to a class that deobfuscates your password for you

reference: http://tomcat.apache.org/tomcat-7.0-doc/config/systemprops.html


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
reply

Search Discussions

Discussion Posts

Previous

Follow ups

Related Discussions