> I find this surprising (I don't have Oracle 8.1.6, so I can't check this
> out on my own right now). The X.509 certificate that comes in through SSL
> only provides a *public* key, so the web server can't impersonate the web
> client --- it can only say "I'm working on behalf of this guy, trust
> Certs work just like that.
I presume you mean the SSL-delivered X.509 certificate, which associates
an X.500 Distinguished Name with a public key.
> There is a standard way to access
> them from JAVA
I presume you're referring to section 5.7 of the Servlets spec version
2.2, which says to me
TED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 08, 1999 6:53 AM
Subject: Re: Database authentication
> > There are two
> > possibilities:
> >
> > 1. Create a database account for every user. On login, the
> > servlet asks
> > for the user's p
;
Sent: Wednesday, December 08, 1999 3:22 AM
Subject: Database authentication
> Hi,
>
> I'm working on a project which includes accessing a database from a
> servlet. Now I'm wondering what is the best way to do so. There are two
> possibilities:
>
> 1. Create
access control.
[ ]'s
Luciano Coelho
Sun Certified Programmer for Java2
e-Sec Data Security Technology
[EMAIL PROTECTED]
-Mensagem original-
De: Edward W. Rouse <[EMAIL PROTECTED]>
Para: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Data: Quarta-feira, 8 de Dezembro de 1999 12:55
As
Sent: Wednesday, December 08, 1999 6:22 AM
> To: [EMAIL PROTECTED]
> Subject: Database authentication
>
>
> Hi,
>
> I'm working on a project which includes accessing a database from a
> servlet. Now I'm wondering what is the best way to do so.
> There are two
&g
> There are two
> possibilities:
>
> 1. Create a database account for every user. On login, the
> servlet asks
> for the user's password and uses the user's login & password
> to create a
> connection with the database. Authentication is performed by the
ct which includes accessing a database from a
> servlet. Now I'm wondering what is the best way to do so. There are two
> possibilities:
>
> 1. Create a database account for every user. On login, the servlet asks
> for the user's password and uses the user's
ks
> for the user's password and uses the user's login & password to create a
> connection with the database. Authentication is performed by the
> database.
>
> 2. The servlet gets an account of its own. Authentication is done by the
> servlet. All database communication
MAIL PROTECTED]>
Date: 08 December 1999 12:49
Subject: Database authentication
>Hi,
>
>I'm working on a project which includes accessing a database from a
>servlet. Now I'm wondering what is the best way to do so. There are two
>possibilities:
>
>1. Create a databa
login & password to create a
connection with the database. Authentication is performed by the
database.
2. The servlet gets an account of its own. Authentication is done by the
servlet. All database communication is performed over the servlet
account.
Each has its advandates and disadvanta
11 matches
Mail list logo
