Versions Compared

Comment: s/as/runs as/ and several other minor corrections

...

Why are plain text passwords in the config files?

Because there is no good way to "secure" them. When Tomcat needs to connect to a database, it needs the original password. While the password could be encoded, there still needs to be a mechanism to decode it, and since the source to Tomcat is freely available, an attacker would know the decoding method. So at best the password is obscured - but not really protected. Please see the user and dev list archives for flame wars about this topic.

That said, any configuration file that does contain a password needs to be appropriately secured. That means limiting access to the file so that it can be read only by the user that the Tomcat process runs as and by root (or the Administrator on Windows).

...

  • Now, whenever you write &resources; in the text below, it will be replaced by the content of the file "resources.txt". The file path is relative to the conf directory.
  • Write your own datasource implementation which wraps your datasource and obscures your brains out (XOR and ROT13 are great candidates for this, since their strength matches the protection you will actually get). See the docs on how to do this.
  • Write your own javax.naming.spi.ObjectFactory implementation that creates and configures your datasource.
  • (Tomcat 7) Write your own org.apache.tomcat.util.IntrospectionUtils.PropertySource implementation to 'decrypt' passwords that are 'encrypted' in catalina.properties and referenced via ${...} in server.xml. You will need to set the system property org.apache.tomcat.util.digester.PROPERTY_SOURCE to the fully qualified class name of your PropertySource implementation.
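
As an added example (not code from this FAQ or from the Tomcat project), here is what the PropertySource option above looks like in practice, with the "obscured, not protected" caveat built in: values written as ENC(<base64>) in catalina.properties are decoded with base64 and XOR against a key read from a separate file, and the class refuses to start unless that key file is readable by its owner only, which is the file-permission point made above. The class and package name (example.ObfuscatedPropertySource), the example.keyfile system property, the key file path and the ENC(...) marker are all assumptions for the example.

```java
package example;  // assumption: any package works, the system property must name the class fully qualified

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.PosixFilePermission;
import java.util.Base64;
import java.util.Set;
import org.apache.tomcat.util.IntrospectionUtils;

/**
 * Added example, not part of the Tomcat FAQ or of Tomcat itself.
 *
 * A Tomcat 7 PropertySource that turns values of the form ENC(<base64>) in
 * catalina.properties back into plaintext before server.xml sees them.
 * "Decryption" is base64 + XOR with a key read from a separate file, i.e.
 * obscuring, exactly as the FAQ says: anyone who can read the key file and has
 * the Tomcat source can reverse it. The only real gain is that the key file can
 * be given tighter permissions than server.xml, and the constructor insists on that.
 *
 * Assumed wiring:
 *   catalina.properties:  db.password=ENC(...)            (the output of encode())
 *   server.xml:           <Resource ... password="${db.password}" .../>
 *   JVM options:          -Dorg.apache.tomcat.util.digester.PROPERTY_SOURCE=example.ObfuscatedPropertySource
 *                         -Dexample.keyfile=/path/to/obf.key   (hypothetical path; mode 0400, owned by the Tomcat user)
 * Requires Java 8 or later for java.util.Base64.
 */
public class ObfuscatedPropertySource implements IntrospectionUtils.PropertySource {

    private static final String PREFIX = "ENC(";
    private static final String SUFFIX = ")";
    private final byte[] key;

    /** Tomcat instantiates the class reflectively, so only a no-arg constructor is usable. */
    public ObfuscatedPropertySource() {
        String keyFile = System.getProperty("example.keyfile");
        if (keyFile == null) {
            throw new IllegalStateException("system property example.keyfile is not set");
        }
        Path path = Paths.get(keyFile);
        try {
            requireOwnerOnly(path);
            key = Files.readAllBytes(path);
        } catch (IOException e) {
            throw new IllegalStateException("cannot read key file " + path, e);
        }
        if (key.length == 0) {
            throw new IllegalStateException("key file " + path + " is empty");
        }
    }

    /** Refuse to run if group or others have any permission on the key file (POSIX only; skipped on Windows). */
    private static void requireOwnerOnly(Path path) throws IOException {
        try {
            Set<PosixFilePermission> perms = Files.getPosixFilePermissions(path);
            for (PosixFilePermission p : perms) {
                if (p != PosixFilePermission.OWNER_READ && p != PosixFilePermission.OWNER_WRITE) {
                    throw new IllegalStateException(path + " must be readable by its owner only, found " + perms);
                }
            }
        } catch (UnsupportedOperationException e) {
            // Non-POSIX filesystem (e.g. Windows): rely on the ACL the administrator set on the file.
        }
    }

    /** Called by the Digester for each ${name} in server.xml; returning null hands the lookup to the next source. */
    @Override
    public String getProperty(String name) {
        String raw = System.getProperty(name);   // catalina.properties entries are loaded as system properties
        if (raw == null || !raw.startsWith(PREFIX) || !raw.endsWith(SUFFIX)) {
            return null;                        // not ours: Tomcat's default system-property lookup handles it
        }
        String b64 = raw.substring(PREFIX.length(), raw.length() - SUFFIX.length());
        return new String(xor(Base64.getDecoder().decode(b64)), StandardCharsets.UTF_8);
    }

    /** One-time helper to produce the ENC(...) form to paste into catalina.properties. */
    public String encode(String plaintext) {
        byte[] obscured = xor(plaintext.getBytes(StandardCharsets.UTF_8));
        return PREFIX + Base64.getEncoder().encodeToString(obscured) + SUFFIX;
    }

    /** XOR with a repeating key is its own inverse, so one routine both encodes and decodes. */
    private byte[] xor(byte[] in) {
        byte[] out = new byte[in.length];
        for (int i = 0; i < in.length; i++) {
            out[i] = (byte) (in[i] ^ key[i % key.length]);
        }
        return out;
    }
}
```

Note that a PropertySource configured this way is consulted for every ${...} reference the Digester expands, not just passwords, which is why unknown or unmarked values are passed back as null rather than rewritten. The permission check is the part worth keeping even if you swap the XOR for something stronger: without it the key file tends to end up world-readable next to server.xml and the whole exercise protects nothing.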

...