While you cannot encrypt the database password in the <frevvo-home>\tomcat\conf\dbconnector.properties file, you can provide added security using one of the following methods:
- Define the data source at the container (Tomcat) level for some added security. Please see this documentation which explains how.
- Store the password as an OS environment variable and reference that variable in the dbconnector.properties file. See Secure Passwords in Tomcat for details.
Block Access to Database Connector URLs
Nothing is built into the Database Connector to block public access to, or enforce authentication on, the database connector status page or other database connector URLs.
If you are using On Premise and the Database Connector is installed in the same tomcat as frevvo, you can restrict access to all database connector URLs from outside, allowing connections only from localhost (i.e. frevvo) by creating an individual context.xml for your app.
- Stop frevvo.
- Navigate to <frevvo-home>\tomcat\webapps\database\META-INF\context.xml and edit this file. Add the line:

  ```xml
  <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1"/>
  ```

  Your context.xml should now look like this:

  ```xml
  <Context path="/database" unpackWAR="true" copyXML="false">
      <Parameter name="spring.main.banner-mode" value="OFF" override="false"/>
      <Parameter name="logging.file" value="${catalina.base}/logs/database-connector.%d{yyyy-MM-dd}.log" override="false"/>
      <JarScanner scanClassPath="false"/>
      <!-- Add the next line to block remote access to the "database" web app -->
      <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1"/>
  </Context>
  ```

  Please see additional options for this solution in this article.
- Restart frevvo.
Alternately, if you want to block public access to just the Database Connector status page, then the only option is to block it using a reverse proxy.