|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
|
|
#1
January 31st, 2003, 08:16 AM
|
|||
|
|||
|
JSP-DW-connection files prob
hope someone can help...
I use Dreamweaver MX to create JSP files to connect to our Oracle databases. MX creates connection files (jsp) which (in plain text) show the username and password to Oracle, and our security guys really don't like that. does anyone know a way we can obfuscate these files so people can't just come along and have free access to our databases? cheers Duncan 
|
|
#2
January 31st, 2003, 11:16 AM
|
|||
|
|||
|
the question is how would people get this file?
i would read the data from a file that is outside your DocumentRoot. This prevents people from getting your password when the server should fail to run the JSP and deliver the sources. Also if there is several people that are allowed to access this machine eg. via ftp, make an account especially for this file and let noone else access it. Also a simple XOR encryption could already please your security admins. Itīll be much harder if people have SSH / telnet / ?? connection. Do they?
__________________
-- Manuel Hirsch - Linux, FreeBSD, programming, administration articles, tutorials and more.
|
|
| Viewing: Dev Shed Forums > Programming Languages > Java Help > JSP-DW-connection files prob |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
