I was shocked to discover at my new gig that the database password that Tomcat loaded up into JNDI were not encrypted on the live site. I was even more shocked that Tomcat does not provide a quick fix for this. So here's mine. Encode the password in your text file, and figure out where the below goes in your code: /** * Get a DataSource for the given JNDI name (with caching of lookups) * * @param dataSourceJNDIName The DataSource name * @return A DataSource for JNDI name 'dataSourceJNDIName', or null if the * lookup fails. */ public static DataSource getDataSource(String dataSourceJNDIName) { DataSource dataSource = null; if (null != dataSourceJNDIName) { ...
a personal and public white board