unless this is for
testing in which case it does not matter the password does not belong in your context xml. No matter how you choose to encode it the application has the logic to decode it. You are basically placing the keys next to the lockbox. If the goal is only to obfiscate then fine, but realize that anybody at any time can still get the real password.
I assume you are using Spring Security. Peruse the many different options in the documentation and use one of those for authentication.
JDBC(database), LDAP etc.