java - Deleting default user database resource from Tomcat's default server.xml configuration file
Tomcat's (8.0.27) server.xml file contains a default user database definition under the global naming resources section:
<GlobalNamingResources>
  <!-- Editable user database that can also be used by
       UserDatabaseRealm to authenticate users -->
  <Resource name="UserDatabase" auth="Container"
            type="org.apache.catalina.UserDatabase"
            description="User database that can be updated and saved"
            factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
            pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
Some scans discovered that the tomcat-users.xml file contains plain text passwords. I am wondering whether the resource can be deleted? I am not planning to use the realm under the engine definition, nor am I using the Tomcat manager application.
I didn't find an answer in the Tomcat documentation section.
Yes, you can, if you delete the realm using the resource:
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
     via a brute-force attack -->
<Realm className="org.apache.catalina.realm.LockOutRealm">
  <!-- This Realm uses the User Database configured in the global JNDI
       resources under the key "UserDatabase". Any edits that are
       performed against this UserDatabase are immediately available
       for use by the Realm. -->
  <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
         resourceName="UserDatabase"/>
</Realm>
Be aware that by doing this, you will need further configuration to use the manager app.
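A check for the change described in the answer, as an added example that is not part of the original post: it parses a server.xml and reports any Realm that still references a user database resource that is no longer defined. The function name and the sample documents are constructed for illustration.

```python
import xml.etree.ElementTree as ET

USER_DB_TYPE = "org.apache.catalina.UserDatabase"

def audit_server_xml(xml_text):
    """Return (user_db_resources, realm_refs, dangling_refs) for a server.xml."""
    root = ET.fromstring(xml_text)
    # Global JNDI resources backed by a user database file such as tomcat-users.xml
    resources = {
        r.get("name"): r.get("pathname")
        for r in root.findall("./GlobalNamingResources/Resource")
        if r.get("type") == USER_DB_TYPE
    }
    # Every Realm, at any nesting depth, that looks up a resource by name
    refs = [
        (realm.get("className"), realm.get("resourceName"))
        for realm in root.iter("Realm")
        if realm.get("resourceName")
    ]
    # A Realm left pointing at a deleted resource is the inconsistent state to catch
    dangling = [ref for ref in refs if ref[1] not in resources]
    return resources, refs, dangling

# Constructed samples: the stock layout trimmed to the relevant elements
TEMPLATE = """<Server>
  <GlobalNamingResources>{resource}</GlobalNamingResources>
  <Service name="Catalina"><Engine name="Catalina" defaultHost="localhost">
    {realm}
  </Engine></Service>
</Server>"""
RESOURCE = ('<Resource name="UserDatabase" auth="Container" '
            'type="org.apache.catalina.UserDatabase" '
            'factory="org.apache.catalina.users.MemoryUserDatabaseFactory" '
            'pathname="conf/tomcat-users.xml"/>')
REALM = ('<Realm className="org.apache.catalina.realm.LockOutRealm">'
         '<Realm className="org.apache.catalina.realm.UserDatabaseRealm" '
         'resourceName="UserDatabase"/></Realm>')
DEFAULT = TEMPLATE.format(resource=RESOURCE, realm=REALM)
RESOURCE_ONLY_REMOVED = TEMPLATE.format(resource="", realm=REALM)
BOTH_REMOVED = TEMPLATE.format(resource="", realm="")

if __name__ == "__main__":
    for label, doc in [("default", DEFAULT),
                       ("resource removed, realm kept", RESOURCE_ONLY_REMOVED),
                       ("both removed", BOTH_REMOVED)]:
        resources, refs, dangling = audit_server_xml(doc)
        print(f"{label}: user databases={resources} dangling realms={dangling}")
```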