https://stackoverflow.com/questions/20738912
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianIs it good to store db user and pass in web.xml for the ease of configuration?
- It is not a very good thing to store the username and password in web.xml rather you can put the username and password in a separate file in your environment. then, provide the location of that file in your web.xml. You can also restrict the access to the file only to the root user who runs your application
shall I store them in code for security wise?
- Storing the username and password in code is a good idea. but, it has disadvantages like you need to recompile,build and deploy if your credentials change. The other thing is by making use of decompiler, there are chances your credentials can be identified
In other words is web.xml visible to end user?
- No, web.xml is not visible to end users. It is a configuration file for your web application know as deployment descriptor. This file is used by the web application server during deployment.
Hope, you understand it now!
