Hi,
I posted this issue already in jboss-installation but it seems to be the wrong place...

I need to protect my database from access by the user who is starting the application accessing the database in order to prevent attacks by single insider persons.

I run jboss-3.0.6 and mysql 3.23.54 (perhaps 4.0 later). I know there are some services which provide variables in their *-service.xml which can be replaced at jboss-startup (after password-decryption for example), but with mysql-service.xml this does'nt work.

Is there any other way to protect my database to satisfy these needs?
As our project reaches the finish-line in the next few weeks this becomes a fast-to-solve-issue, so please do not hesitate to answer even if you are not sure it really leads me to the solution...

Thnx in advance,
Lutz

PS: Table access rights do not help, because the application needs full access to the critical sections of my data