My developers are wanting to see the server.log of my production jboss server, but included in the log files are the oracle username and passwords configured for the datasource.
Right now I just have the log file directory restricted via file permissions so they can't view it, but they are now requesting access to it for troubleshooting problems.
After a quick search of the forums I didn't come across anything. So it is possible to filter out the datasource passwords via a jboss configuration file?
I'm using jboss-3.2.1_tomcat-4.1.24
Thanks in advance for your help.
You need to update jboss to remove the passwords.