Michael,
to prevent unauthorised pesonnel to look at the password you could probably
unset the read flag of their group.
Mariano
On Tuesday 28 August 2001 22:38, Martin Man wrote:
> On Tue, Aug 28, 2001 at 11:21:45AM +0200, Enke Michael wrote:
> > Hi!
> > Is there a possibility or would it be
> > easy to implement to have the DB password
> > encrypted in some kind (in *.xsp or cocoon.xconf)?
>
> as long as the direct JDBC connection requires plaintext passwords (and yes
> all existing JDBC driver implementations require plaintext) it's absolutely
> useless to add encryption to another layer.
>
> anyway passwords are stored in a file on the server and JDBC connection is
> usually made via localhost loopback, therefore password sniffing is almost
> impossible and cocoon.xconf or whichever file the password actually
> contains is not readable by ordinary users via web...
>
> > This doesn't mean a state of the art
> > encryption (too complicated!?), but only
> > that not everybody can have direct access
> > to the database.
>
> don't get this, if there is a password that only admin knows, then
> anyone who does not know it does not have the access to
> the database or am I wrong ???
>
> > Regards,
> > Michael
>
> rgds,
> martin
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
To unsubscribe, e-mail: <[EMAIL PROTECTED]>
For additional commands, e-mail: <[EMAIL PROTECTED]>
