"cuputur" wrote:
I guess the question should be here:
Dear JBOSS:
I am using JBOSS 3.2.3 and MySql 4.0.16.
Under the directory:
$JBOSS_HOME/server/default/deploy, there is a file "mysql-ds.xml":
The file has something like the following:
......................................................
<local-tx-datasource>
<jndi-name>MySqlDS</jndi-name>
<connection-url>jdbc:mysql://localhost:3306/authority</connection-url>
<driver-class>org.gjt.mm.mysql.Driver</driver-class>
<user-name>test</user-name>
test123
</local-tx-datasource>
..................................................................
Since the database user-name("test") and password("test123") are plain texts, these are big security flaws. Anybody who can read this
file can use this user-name and password to do anything with the database.
How can we encode the password so that even people can read this file, but can't get the original password?
Could somebody provide a sample configuration file "mysql-ds.xml" and related files?
Thanks a million,
Jerry