[jboss-user] [Security & JAAS/JBoss] - DB password at rest in login-config.xml: how to avoid this?

Friday, 12 January 2007

Our use of JBoss 4.03 has the DB password in login-config.xml openly visible. The database
pool connection we implement requires this password in login-config and its runtime copy
in tmp/deploy.  Is there a way to set up the DB pool connection without having the DB
password in login-config? Obviously we can encrypt the DB password, but is there a way to
avoid putting the DB password in the clear in login-config.xml the first place?

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4000984#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-user] [Security & JAAS/JBoss] - DB password at rest in login-config.xml: how to avoid this?