Re: [OT] Database password
I believe that it will be easier to define a proper security policy in your production server than trying to hide the password or encrypt it. Another option is to hard-code it into your source, but you will loose some flexibility there. Hope that helps Lucas - Original Message - From: "Guillermo Meyer" <[EMAIL PROTECTED]> To: "'Struts Users Mailing List'" <[EMAIL PROTECTED]> Sent: Thursday, March 11, 2004 3:59 PM Subject: RE: [OT] Database password Users cant access this file, but the file can be accessed by people that is not from Information Security area (Seguridad Informática). The password shouldnt be known neither by the application deployer, nor the system administrator, but only by Information Security people. -Original Message- From: Lucas Gonzalez [mailto:[EMAIL PROTECTED] Sent: Jueves, 11 de Marzo de 2004 03:56 p.m. To: Struts Users Mailing List Subject: Re: [OT] Database password If the problem is the user accesing the plain text file by typing the URL in the browser... a better solution would be to tell apache to hide those files... - Original Message - From: "Guillermo Meyer" <[EMAIL PROTECTED]> To: "'Struts Users Mailing List'" <[EMAIL PROTECTED]> Sent: Thursday, March 11, 2004 3:49 PM Subject: [OT] Database password > Hi: > Our Struts application is currently in production. This applciation > uses an Oracle Database (we are using DBCP from jakarta). We access > this database through url, user a password and we need to "hide" the > production database password. The password is stored in a > configuration file and is in plain text. > > Have you got some "best practices" in this scenario? How are your Java > Applications get connected to production databases and how is the > database password protected? If we encrypt the password with 3DES, how > should the key be protected? > > Cheers. > Guillermo. > > > NOTA DE CONFIDENCIALIDAD > Este mensaje (y sus anexos) es confidencial, esta dirigido > exclusivamente a las personas direccionadas en el mail y puede contener informacion (i)de propiedad exclusiva de Interbanking S.A. o (ii) amparada por el secreto profesional. Cualquier opinion en el contenido, es exclusiva de su autor y no representa necesariamente la opinion de Interbanking S.A. El acceso no autorizado, uso, reproduccion, o divulgacion esta prohibido. Interbanking S.A no asumira responsabilidad ni obligacion legal alguna por cualquier informacion incorrecta o alterada contenida en este mensaje. Si usted ha recibido este mensaje por error, le rogamos tenga la amabilidad de destruirlo inmediatamente junto con todas las copias del mismo, notificando al remitente. No debera utilizar, revelar, distribuir, imprimir o copiar este mensaje ni ninguna de sus partes si usted no es el destinatario. Muchas gracias. > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] NOTA DE CONFIDENCIALIDAD Este mensaje (y sus anexos) es confidencial, esta dirigido exclusivamente a las personas direccionadas en el mail y puede contener informacion (i)de propiedad exclusiva de Interbanking S.A. o (ii) amparada por el secreto profesional. Cualquier opinion en el contenido, es exclusiva de su autor y no representa necesariamente la opinion de Interbanking S.A. El acceso no autorizado, uso, reproduccion, o divulgacion esta prohibido. Interbanking S.A no asumira responsabilidad ni obligacion legal alguna por cualquier informacion incorrecta o alterada contenida en este mensaje. Si usted ha recibido este mensaje por error, le rogamos tenga la amabilidad de destruirlo inmediatamente junto con todas las copias del mismo, notificando al remitente. No debera utilizar, revelar, distribuir, imprimir o copiar este mensaje ni ninguna de sus partes si usted no es el destinatario. Muchas gracias. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Database password
If the problem is the user accesing the plain text file by typing the URL in the browser... a better solution would be to tell apache to hide those files... - Original Message - From: "Guillermo Meyer" <[EMAIL PROTECTED]> To: "'Struts Users Mailing List'" <[EMAIL PROTECTED]> Sent: Thursday, March 11, 2004 3:49 PM Subject: [OT] Database password > Hi: > Our Struts application is currently in production. This applciation uses > an Oracle Database (we are using DBCP from jakarta). > We access this database through url, user a password and we need to > "hide" the production database password. The password is stored in a > configuration file and is in plain text. > > Have you got some "best practices" in this scenario? How are your Java > Applications get connected to production databases and how is the > database password protected? > If we encrypt the password with 3DES, how should the key be protected? > > Cheers. > Guillermo. > > > NOTA DE CONFIDENCIALIDAD > Este mensaje (y sus anexos) es confidencial, esta dirigido exclusivamente a las personas direccionadas en el mail y puede contener informacion (i)de propiedad exclusiva de Interbanking S.A. o (ii) amparada por el secreto profesional. Cualquier opinion en el contenido, es exclusiva de su autor y no representa necesariamente la opinion de Interbanking S.A. El acceso no autorizado, uso, reproduccion, o divulgacion esta prohibido. Interbanking S.A no asumira responsabilidad ni obligacion legal alguna por cualquier informacion incorrecta o alterada contenida en este mensaje. Si usted ha recibido este mensaje por error, le rogamos tenga la amabilidad de destruirlo inmediatamente junto con todas las copias del mismo, notificando al remitente. No debera utilizar, revelar, distribuir, imprimir o copiar este mensaje ni ninguna de sus partes si usted no es el destinatario. Muchas gracias. > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT]Ant Script
Hi, I do not mean to be harsh or something, but a simple look at the doc would have solved your problem http://ant.apache.org/manual/CoreTasks/copy.html It´s on the second sentence! "Copies a file or FileSet to a new file or directory. By default, files are only copied if the source file is newer than the destination file" Best Regards, Lucas - Original Message - From: "Ramadoss Chinnakuzhandai" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, February 25, 2004 2:50 PM Subject: [OT]Ant Script Hi, Using Ant Script is it possible to detect the latest modified file by comparing the same file across two different locations and make them sync or override the old file with the latest modified file and make sure that same version of file exists on these two different location?? dirX/abc.jsp(timestamp as today) >ant script which will update abc.jsp under dirY with abc.jsp under dirX dirY/abc.jsp(timestamp as yesterday) is there any ANT guru to solve my "my brain's fuzzing" -Ramadoss - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Formating a float
Ben, Thanks a lot! that got me on the right way... but now I am getting this error: org.apache.jasper.JasperException: In , value attribute can not be parsed into java.lang.Number: "${invoice.totalBilling}" I´ve tried to find out why is this happening, but the property invoice.totalBilling is correct since works fine ( and getTotalBilling returns a double just in case ). Anyone has any clue about this error? Thanks a lot Lucas González - Original Message - From: "Ben Anderson" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, February 05, 2004 12:40 PM Subject: RE: Formating a float > are you using jstl? > > > >From: "Lucas Gonzalez" <[EMAIL PROTECTED]> > >Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]> > >To: "Struts Users Mailing List" <[EMAIL PROTECTED]> > >Subject: Formating a float > >Date: Thu, 5 Feb 2004 11:55:18 -0300 > > > >Hi, > >I´ve been searching the list for any insight about this issue, but found no > >real solutions. > > > >I need to format a float that is shown using: > > > > > > > >but it does not works. > >I´ve tried with many formats, but none seems to work. There is anything I > >am > >doing wrong? > > > >I wonder if anyone could point me some docs or anything that might help > >=) > > > >Thanks a lot! > >Lucas > > > > > >- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > _ > Learn how to choose, serve, and enjoy wine at Wine @ MSN. > http://wine.msn.com/ > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Formating a float
Hi, I´ve been searching the list for any insight about this issue, but found no real solutions. I need to format a float that is shown using: but it does not works. I´ve tried with many formats, but none seems to work. There is anything I am doing wrong? I wonder if anyone could point me some docs or anything that might help =) Thanks a lot! Lucas - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Getting parameters from html:link
Hi! I´ve been trying to get aditional parameters that came in a html:link that with no success. the link is this one and "notBilled" was aded to the request like this: public Map getNotBilled() { Map map = new HashMap(); map.put("type", "NotBilled"); return map; } the problem is that when I do a request.getSession(true).getAttribute("type"); returns null always. There´s anything i´m doing wrong? I´ve been reading the mailing lists, but haven´t found something useful... Best Regards, Lucas - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
bean:include problem
Hi! I´m new to struts and I have a small problem. I want to include a jsp ( navBar.jsp ) that has something like: So I did a little research, and tried using unfortunately I do not understand what the id attribute is for. the docs state: "Specifies the name of the scripting variable (and associated page scope attribute) that will be made available with the value of the specified web application resource." and still I do not understand what to do with it. I can´t get it to work, it does not throw any error, but the navBar.jsp is not included into the main page. There´s anything I´m missing here? I wondered if anyone could give me some help or maybe point to some documentation that might be useful btw... here is the globalForward just in case it might help to clarify my problem. Thanks a lot, and Best Regards, Lucas - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]