The real honest to goodness problem is that eventually you'll need to deal with a password. That's just unavoidable. You could encrypt the password, but that would just need another password to decrypt it before making it useful. Even SSL has a server.key file (the server's private key) that needs to be guarded with the highest security available.
The only really secure way to deal with it and not have a plain text password hanging around somewhere is to possibly have the admin enter the password on startup. I don't know about you, but I'm not crazy about babysitting a server or having the site down until I can sit at a console and put in a password :-(.
Just properly secure the server.xml (or context.xml) file with read only access and only for the user tomcat is launched as. Also make sure it's in a place guaranteed not to be served out by any means. I have mine in /etc/tomcat5 and symlinked the conf directory in tomcat to /etc/tomcat5.
Lastly, look at ways to limit the impact of a compromised password (firewalls, ACL's, change passwords on a routine basis, minimum privilege, etc, ...).
Just my three cents on the matter. It's Friday -- time for happy hour.
--David Smith, CISSP
Emerson Cargnin wrote:
How can I mantain databases passwords without :
- Being put in the code (arghhhh) - Being in plain text in server.xml (as configured for tomcat)
I use another approache than the pool from tomcat, that consist in a separate servlet and a PoolManager, which is accessed in a static way. (so other apps can reference the same instance...). In the servlet I read the init properties from web-xml that follows a pattern (poolname1,dbuser1,dbpass1, and so on for all pools). In the application I just as for the pool by the name of it. It works and I can change the pool implementation without impacting in any code of the application. We are thinking in not let the password in plain text in the web.xml. I though of 2 approaches:
- Read the web.xml by a standalone app and encript the password, in my connection servlet I read it and decritp it.
- Have a separate file for each pool, this file,encripted, would contain info about each pool.
BTW, is there any way to use the same pool for more than one app, using tomcat pool configuration ???
thanks in advance Emerson
Emerson Cargnin wrote:
Is there any standart way to keep the passwords of databases encripted when creating a pool through tomcat?
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
