struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Security Management" <list-subscripti...@secmgmt.com>
Subject RE: Convention for keeping passwords out of struts.xml
Date Thu, 12 Mar 2009 19:28:26 GMT
I'll look up the spring way to do it, I was incorrectly thinking my stuff
was in struts.xml, but it's in applicationContext (which is, of course,
spring).

Thanks

-----Original Message-----
From: Dave Newton [mailto:newton.dave@yahoo.com] 
Sent: Thursday, March 12, 2009 2:57 PM
To: Struts Users Mailing List
Subject: Re: Convention for keeping passwords out of struts.xml

Jim Kiley wrote:
> Dave's right -- a good choice here is to keep that kind of data in a
server
> settings config file, and set up your application to pull the database
> context info out of the JNDI context.  Check out
> http://tomcat.apache.org/tomcat-5.5-doc/index.html
> <http://tomcat.apache.org/tomcat-5.5-doc/index.html>for
> details on this sort of thing.

I'm with Jim. But that aside you can also use Spring's 
property-placeholder (or whatever it's called) to keep passwords in a 
property file, the values of which are then referenced inside the Spring 
config file.

This seems more like a Spring-ish topic, though.

Dave


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message