I am trying to see if there's any way to avoid setting clear text password in the datasource configuration file or a way to encrypt the password. We are currently using JBoss 3.2.3 with an Oracle 9i database. I know that starting with JBoss 3.2.8.SP1, JBoss provides a simple login module for encrypting a datasource password. But is there a similar workaround for JBoss 3.2.3? We want to avoid having to upgrade to a later version of JBoss, at least for now. Is there a way to maybe intercept the call that?s made to the config file and do our own encryption? Any input would be greatly appreciated!