The J2EE application stores a plaintext password in a
					configuration file.Storing a plaintext password in a configuration file allows anyone who can
						read the file to access the password-protected resource, making it an easy
						target for attackers.