posted 14 years ago
+1.
Every time I hear this (or a similar) requirement (and it comes up fairly regularly), I assume said engineer doesn't have confidence in their own ability to secure a production system, or is working in an unthinking way from some sort of crib sheet. Plain text passwords are usually fine on properly secured machines; if someone has admin access to the machine it's only a matter of time until they manage to do something bad, and they can easily do bad without knowing the password to your database. I wouldn't worry about it, unless you have a malicious admin, but there's not much anyone can do if you've got one of them. You could programmatically configure Hibernate if you absolutely don't want a password stored anywhere (and prompt for the password when your application starts) but "production system" sounds like a server, so I'd just go with securing the box itself and not worrying about passwords in config files.
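The programmatic-configuration option mentioned in the answer above, as an added example rather than code from the poster: it keeps mappings and dialect in hibernate.cfg.xml, leaves the password out of every file, and reads it from the console at start-up (falling back to a hypothetical DB_PASSWORD environment variable when there is no console, e.g. under an init system). The JDBC URL and user are placeholder values.

```java
import org.hibernate.SessionFactory;
import org.hibernate.cfg.Configuration;

import java.io.Console;
import java.util.Arrays;

/** Builds a Hibernate SessionFactory without the DB password appearing in any config file. */
public final class PromptedHibernateBootstrap {

    // Placeholder connection settings; replace with your own.
    private static final String JDBC_URL  = "jdbc:postgresql://db.example.internal:5432/app";
    private static final String JDBC_USER = "app_user";

    public static SessionFactory build() {
        char[] password = readPassword();
        try {
            Configuration cfg = new Configuration()
                    .configure() // mappings, dialect, pool settings from hibernate.cfg.xml (no password there)
                    .setProperty("hibernate.connection.url", JDBC_URL)
                    .setProperty("hibernate.connection.username", JDBC_USER)
                    // Hibernate takes a String, so a copy lives on the heap until GC; the char[] is wiped below.
                    .setProperty("hibernate.connection.password", new String(password));
            return cfg.buildSessionFactory();
        } finally {
            Arrays.fill(password, '\0');
        }
    }

    private static char[] readPassword() {
        Console console = System.console();
        if (console != null) {
            // Interactive start: prompt without echoing the input.
            return console.readPassword("Database password: ");
        }
        // Non-interactive start (service/init system): hypothetical variable injected by the supervisor.
        String fromEnv = System.getenv("DB_PASSWORD");
        if (fromEnv == null || fromEnv.isEmpty()) {
            throw new IllegalStateException("No console available and DB_PASSWORD is not set");
        }
        return fromEnv.toCharArray();
    }
}
```

Note that the password still sits in the SessionFactory's properties in process memory, so this only removes it from disk; anyone with admin access to the box can still recover it, which is the answer's point.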