On Tue, Aug 28, 2001 at 11:21:45AM +0200, Enke Michael wrote:
> Hi!
> Is there a possibility or would it be
> easy to implement to have the DB password
> encrypted in some kind (in *.xsp or cocoon.xconf)?
as long as the direct JDBC connection requires plaintext passwords (and yes
all existing JDBC driver implementations require plaintext) it's absolutely
useless to add encryption to another layer.
anyway passwords are stored in a file on the server and JDBC connection is
usually made via localhost loopback, therefore password sniffing is almost
impossible and cocoon.xconf or whichever file the password actually contains
is not readable by ordinary users via web...
> This doesn't mean a state of the art
> encryption (too complicated!?), but only
> that not everybody can have direct access
> to the database.
don't get this, if there is a password that only admin knows, then
anyone who does not know it does not have the access to
the database or am I wrong ???
>
> Regards,
> Michael
>
rgds,
martin
--
-------------------------------------------------------------------------------
"Only dead fish swims with a stream" Malcolm Muggeridge
gpg_key_available: http://globales.cz/~mman/martin.man.gpg
gpg_key_fingerprint: 2CC0 4AF6 92DA 5CBF 5F09 7BCB 6202 7024 6E06 0223
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
To unsubscribe, e-mail: <[EMAIL PROTECTED]>
For additional commands, e-mail: <[EMAIL PROTECTED]>
