How to avoid written password as plain text ?

Hallo,

I wrote a java application that runs standalone (without app server) at server side, and make a JDBC connection. User and pwd are read from a property file.

Is there any way to avoid wrtting the password as plain text in the property file ?

The DBA may change the pwd at the DB, but should not modify the configuration file of this app. How to inform the app that its pwd has changed ?

Thank you !!

[436 byte] By [paparajotea] at [2007-10-2 1:22:41]

«« Needed Latest SCJP 1.4 exam pattern +question papers
»» Prepared statement

# 1

How should the password change if the DBA doesn't has access to this property file? You could write a separate property file just containing the password that is editable via the DBA.

Also offer a little Java app that encrypts plain text. This would be called by the DBA who encrypts the new password and copies the encryption result in the properties file. Your app then reads this encrypted password and decrypts it on the fly (of courtse with the same key). This way, we also have JDBC connection properties with encrypted values.

MartinHilperta at 2007-7-15 18:44:16 >

top of Java-index,Security,Other Security APIs, Tools, and Issues...

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

How to avoid written password as plain text ?

Security New Topic

Security Hot Topic

Security

All Classified