In fact, i am designing a xml configuration file for a
java application, which handle the database operation, so i need to put the password somewhere in the config file. to xml structure point of view, it is better to define the password as an attribute, but it is possible the "<" is included in the password string, and i could not find a good way to handle this case, because the "<" is not allowed in the attribute, i am not sure if the serializer you mentioned and handle it well.
so if i could not find the good way, i have to put the password as an element in the file, then wrap it by "<![CDATA[....]>", that maybe works, but the file structure looks awful.