This content has been marked as final.
Show 2 replies
-
1. Re: Using encrypted passwords in datasource config files dir
fhh Apr 5, 2007 5:38 AM (in response to mskonda)
I expect JBoss to read the encrypted password, decrypt it and then create the Datasource.
The application server has to obtain the password to decrypt the actual datasource password from somewhere. That is what the wiki page is all about.
Regards
Felix -
2. Re: Using encrypted passwords in datasource config files dir
cchee Apr 26, 2007 1:53 PM (in response to mskonda)Or you can take the user type password and ran it through one way encryption (e.g. md5) and compare that hash with what is stored in the database. It is probably safer. One caveat: If your user forgot their password, the password has to be reset and then send to them. After they got in, they can still change the password to something they can remember.