This is not a secure solution (which is what I assume you are after). What
is to stop someone malicious getting/intercepting the email? Sending a
username and password over email is a hackers dream!
You cannot pass any variables to anyone except the cold fusion server.
There has to be some form of authentication to be able to insert into the
database though.
Paul
> -----Original Message-----
> From: Shane Witbeck [mailto:[EMAIL PROTECTED]]
> Sent: 02 November 2000 13:02
> To: CF-Talk
> Subject: RE: Paranoid programming...
>
>
> Create a separate user/pass and authenticate through email? i.e.
> they supply
> a user/pass to get the db user/pass sent to them via email.
>
> -----Original Message-----
> From: Larry W. Virden [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 02, 2000 4:41 AM
> To: CF-Talk
> Subject: Paranoid programming...
>
>
> Okay - bear with me here folk!
>
> Imagine one has a database (for example Oracle) which requires a user id
> and password to access. Now, imagine writing an application to let joe
> user to look up and insert info into this table. HOWEVER, we do not
> want to generally publish the user id and password; we want the coldfusion
> app as the 'gateway' into the table.
>
> So far, so good.
>
> However, because of the gateway issue, hard coding the userid and password
> into the cfm files is out - the cfm files are in general accessible by
> someone browsing the directories.
>
> The database itself is sensitive enough that the owner does not want the
> userid and password put into the ColdFusion admin area either...
>
> If you had to write an app where the database userid and password:
> could not be hard coded,
> could not be put into the admin area,
> could not be entered via prompting
> what approach would you use? Putting it into a file - encrypted or not -
> doesn't work; the files are readable and so someone could just copy them
> and build their own 'pseudo' app that accesses the data, right?
>
> Looking for 'outside the box' possible solutions.
>
> If it helps, the platform for the server is SPARC Solaris.
> --
> Never apply a Star Trek solution to a Babylon 5 problem.
> Larry W. Virden <mailto:[EMAIL PROTECTED]> <URL:
> http://www.purl.org/NET/lvirden/>
> Even if explicitly stated to the contrary, nothing in this posting should
> be construed as representing my employer's opinions.
> -><-
> ------------------------------------------------------------------
> ----------
> --------------------
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
> or send a
> message with 'unsubscribe' in the body to
> [EMAIL PROTECTED]
>
> ------------------------------------------------------------------
> ------------------------------
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
> or send a message with 'unsubscribe' in the body to
> [EMAIL PROTECTED]
>
------------------------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message
with 'unsubscribe' in the body to [EMAIL PROTECTED]
