o:[EMAIL PROTECTED] On Behalf Of Milen
Dyankov
Sent: Monday, February 02, 2004 11:29 PM
To: [EMAIL PROTECTED]
Subject: Re: [JBoss-user] how to encode database password in descriptor
file mysql-ds.xml
Hi Mark,
I agree, keeping passwords in plain text is not a good idea.
But I don't think you ca
Hi Mark,
I agree, keeping passwords in plain text is not a good idea.
But I don't think you can really hide your data from system administrator.
It makes no sense to me at all. System admin has full access to any
recourse inside given system and can do anything.
It's somewhat strange to me that
Title: Re: [JBoss-user] how to encode database password in descriptor file mysql-ds.xml
No, I don't think asking for the password at
startup would be
desirable. No one wants to hang around
the console when the
machine is booting. And the app server is
probably on some server
in
Title: Re: [JBoss-user] how to encode database password in descriptor file mysql-ds.xml
I am
still not convinced, but I see your point.
Would
it help/make sense that the server asks for the password at
startup?
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL
anyone> out. They can freeze the lock, pick it, break a> window. A key>
door lock isn't real security. But you do it> anyway, because it does> add some value (keeping out unsophisticated> thieves).> > JD> > -Original Message-> From: Rupp, Heiko [mailt
]
Subject: RE: [JBoss-user] how to encode database password in descriptor
file mysql-ds.xml
Scott:
Thank you for your reply.
Sorry I don't understand why you need another password.The
user-name/password in mysql-ds.xml is the only user for jboss to
communicate with mysql. At this moment,
Title: Re: [JBoss-user] how to encode database password in descriptor file mysql-ds.xml
Storing a private key in a java .class file
does add a useful level of
security.
1) Customers perceive this as valuable.
They aren't geeks, so they
don't get it, but they still buy your produ
The idea is, that when the entry in mysql-ds is encrypted, so that no user
can read it, who has the password to decrypt this entry.
Do you want that to be asked at jboss startup?
> Since I don't know your potential solution, my point is that the
> password in mysql-ds.xml should be encoded(usin
Title: Re: [JBoss-user] how to encode database password in descriptor file mysql-ds.xml
Hi,
What I've seen another application do (WebSphere) is when it
reads inthe file, if the password is cleartext, it will use it's own
encryptionalgorithm to encrypt the password and the
What I've seen another application do (WebSphere) is when it reads in
the file, if the password is cleartext, it will use it's own encryption
algorithm to encrypt the password and then save the new password in the
file, so when the user opens the file back up, the password is now
stored as encr
Scott:
Thank you for your reply.
Sorry I don't understand why you need another password.The user-name/password in mysql-ds.xml is the only user for jboss to communicate with mysql. At this moment, let's assume we need another password. Certainly, I can't get another user-name/pasword to encode
How do you want the password used to encrypt this password to be
stored/used?
Scott Stark
Chief Technology Officer
JBoss Group, LLC
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mark Wang
S
12 matches
Mail list logo
