3

I want to digest/encrypt the password in Tomcat's server.xml. I have seen several code samples on the internet which lead me to add a factory inside the Resource tag, as you see below. Unfortunately, I already have Atomikos set as the factory, which does not allow me to add a second factory.

Could you please help me find a second way to use an encrypted password in server.xml, or do you know a way to add a second factory in the Resource tag of server.xml?

If my question is not clear, I would give more examples. Any help is appreciated. Thanks.

```xml
<Resource auth="Container" driverClassName="net.sourceforge.jtds.jdbc.Driver" factory="com.atomikos.tomcat.EnhancedTomcatAtomikosBeanFactory"
maxPoolSize="50" minPoolSize="1" name="global/EFaturaDS" testQuery="SELECT 1" type="com.atomikos.jdbc.nonxa.AtomikosNonXADataSourceBean"
uniqueResourceName="global/EFaturaDS" url="jdbc:jtds:sqlserver://localhost:8080/application;instance=APP08;charset=cp1254;" />
```
Matías Cánepa
Tonyukuk
  • When you say tomcat's server.xml password, what exactly do you mean? There are a few potential passwords that you could be referring to. Also, scrubbing your `server.xml` and posting it here would go a long way in helping us help you. – rmlan May 05 '16 at 15:01
  • Hello rmlan. I meant the db password which resides in tag at server.xml. Such like – Tonyukuk May 06 '16 at 06:38

1 Answer

4

The short answer is no: you cannot encrypt your password in your server.xml file. For the longer answer, you should read Tomcat's wiki page on passwords in configuration files.

Here is the relevant part answering the question "Why are plain text passwords in the config files?"

> Because there is no good way to "secure" them. When Tomcat needs to connect to a database, it needs the original password. While the password could be encoded, there still needs to be a mechanism to decode it.

It goes on to explain in detail why this is only possible if you wrongly convince yourself that you are improving security, and why the Tomcat developers won't go out of their way to help you do it.

There is a section on how to "just do it" if you have an overly heavy-handed security assessment that you need to pass and just need to get it done, even though it does not protect you in any meaningful way.

Mark Rotteveel
Christopher Schultz
  • Does it protect you from someone glancing over your shoulder once at an inopportune time? If so, that's a non-zero amount of protection. – charley Jan 17 '19 at 19:07
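
An added example, not code from the Tomcat wiki, Atomikos or either poster: a wrapper `ObjectFactory` that decodes the password and then delegates to the factory already in use, which works around the one-`factory` limit in the question. The `delegateFactory` attribute, the Base64 encoding and the `EchoFactory` stand-in are assumptions, as is the delegate reading a `password` address. As the answer points out, anyone who can read server.xml can reverse this encoding just as the factory does.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.Name;
import javax.naming.RefAddr;
import javax.naming.Reference;
import javax.naming.StringRefAddr;
import javax.naming.spi.ObjectFactory;

/** Decodes the "password" address, then hands the Reference to the real factory. */
public class DecodingDelegateFactory implements ObjectFactory {
    // Hypothetical attribute naming the factory to delegate to (e.g. the Atomikos one).
    static final String DELEGATE_ATTR = "delegateFactory";

    @Override
    public Object getObjectInstance(Object obj, Name name, Context ctx, Hashtable<?, ?> env)
            throws Exception {
        if (!(obj instanceof Reference)) return null;   // not ours; let JNDI try other factories
        Reference ref = (Reference) obj;
        RefAddr delegate = ref.get(DELEGATE_ATTR);
        if (delegate == null) throw new IllegalArgumentException(DELEGATE_ATTR + " is required");
        for (int i = 0; i < ref.size(); i++) {
            RefAddr addr = ref.get(i);
            if ("password".equals(addr.getType())) {
                // Base64 is an encoding, not encryption: no secret is needed to undo it.
                byte[] raw = Base64.getDecoder().decode((String) addr.getContent());
                ref.remove(i);
                ref.add(i, new StringRefAddr("password", new String(raw, StandardCharsets.UTF_8)));
            }
        }
        // Assumes the delegate class is visible to this class's loader (same lib directory).
        ObjectFactory real = (ObjectFactory) Class.forName((String) delegate.getContent())
                .getDeclaredConstructor().newInstance();
        return real.getObjectInstance(ref, name, ctx, env);
    }

    /** Stand-in for the real factory so the demo runs without Tomcat or Atomikos. */
    public static class EchoFactory implements ObjectFactory {
        @Override
        public Object getObjectInstance(Object obj, Name n, Context c, Hashtable<?, ?> e) {
            return ((Reference) obj).get("password").getContent();
        }
    }
    public static void main(String[] args) throws Exception {
        Reference ref = new Reference("javax.sql.DataSource");   // constructed sample input
        ref.add(new StringRefAddr(DELEGATE_ATTR, EchoFactory.class.getName()));
        ref.add(new StringRefAddr("password", "czNjcjN0"));      // constructed: Base64 of "s3cr3t"
        System.out.println(new DecodingDelegateFactory().getObjectInstance(ref, null, null, null));
    }
}
```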