java.jago wrote: >>I don't ever put a password in my source code >>(except for simple examples). I always use a >>properties file or something similar. >>Of course, the problem remains: if your properties >>file is compromised so is your password. >> >> > >Actually that's exacly the point - a properties file would give the >password away even easier. > > We are talking about totally different things. I am talking about PDF files generated on a server. These PDF files are encrypted with an owner password. The owner password never leaves the server. It is perfectly safe as long as the OS is safe.
>The point is, encrypted pdfs are generated on the user machine - and >send to a server. The user and nobody in between should be able to open >the pdf...only the server should be! for that he has to know the >password - meaning, I need to predefine a password, which will be used >for pdf encryption! But where do I store this password..? > Based on your story I don't see any reason why the PDF should be encrypted. Don't encrypt the PDF and do all client-server communication using SSL. br, Bruno _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions
