Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Database Connectivity >> Java Database Connectivity (JDBC)

password files

What is the best way to protect the uname/pwd combinations to connect to a database? The only thing in use where I'm at is to keep them all in a configuration file alongside the application and encrypt them with jce, which is decrypted by the application at run-time.Thanks,,
[290 byte] By [j_saejina] at [2007-11-26 19:44:45]
«« help with this code
»» JWS with ejb problem, help me please
# 1
AFAIMC the real question is "is it necessary?"if someone has access to the filesystem where the config file is, he will have access to everything needed to decrypt ,or to the LAN where the user/pass will be transmitted once decrypted.What is the context of your application?
alban.maillerea at 2007-7-9 22:29:11 > top of Java-index,Database Connectivity,Java Database Connectivity (JDBC)...
# 2
it supports business documents..
j_saejina at 2007-7-9 22:29:11 > top of Java-index,Database Connectivity,Java Database Connectivity (JDBC)...
# 3
i meant the technical context... where is the app hosted (lan or internet, local machine, DMZ etc..) any detail that will help us to know WHY the password should be encrypted
alban.maillerea at 2007-7-9 22:29:11 > top of Java-index,Database Connectivity,Java Database Connectivity (JDBC)...
# 4
its on a lan, hosted as an intranet app.
j_saejina at 2007-7-9 22:29:11 > top of Java-index,Database Connectivity,Java Database Connectivity (JDBC)...
# 5
and users of the lan have read access to the home directory of the server?if yes... well... they should not
alban.maillerea at 2007-7-9 22:29:11 > top of Java-index,Database Connectivity,Java Database Connectivity (JDBC)...
# 6
> and users of the lan have read access to the home> directory of the server?> if yes... well... they should notnope.
j_saejina at 2007-7-9 22:29:11 > top of Java-index,Database Connectivity,Java Database Connectivity (JDBC)...
# 7
the server is primarily a web server. It doesn't serve the purpose of file sharing.. there is always the concern from regular users, but mainly the concern of a compromise on the server from outside the lan-which could lead to a compromise in the database, which would be beneficial to
j_saejina at 2007-7-9 22:29:11 > top of Java-index,Database Connectivity,Java Database Connectivity (JDBC)...
# 8
you mean that by exploiting a bug or security hole in the server , somebody would be able to read local files and get the db connection params?
alban.maillerea at 2007-7-9 22:29:11 > top of Java-index,Database Connectivity,Java Database Connectivity (JDBC)...
# 9
yes...
j_saejina at 2007-7-9 22:29:11 > top of Java-index,Database Connectivity,Java Database Connectivity (JDBC)...
# 10
ok, you want to find a solution to possible security holes... if you find one, please share it, i'm sure the whole software industry will thank you ;)
alban.maillerea at 2007-7-9 22:29:11 > top of Java-index,Database Connectivity,Java Database Connectivity (JDBC)...
Java Database Connectivity (JDBC)

Database Connectivity New Topic

Database Connectivity Hot Topic

Database Connectivity

All Classified