On 8 March 2010 09:55, Alexander Diedler <adied...@tecracer.de> wrote:
> We have to create an Application with an Offline Client based on Tomcat and
> SQL Server on Laptops. That means that the Laptops have a locally installed
> Webserver with Tomcat and a locally installed SQL Server (Full or Express
> Edition 2005). Now, in case of stolen laptops it is very insecure to write
> the sa user with an unencrypted password in some properties files. My idea was
> to manage the whole communication directly with the SQL database instead of
> tomcat-users.xml. Is it possible to make a fully working system without any
> locally stored password in the properties file? Is it possible to use Windows
> internal Kerberos (etc.) authentication with domain users etc. and start the
> SQL Server and Tomcat Server with service accounts?
>

You can certainly start both using service accounts and use Windows authentication - both the jTDS and Microsoft JDBC drivers support Windows authentication into SQL Server. However, I'm not sure what this buys you, as a cracker who knew what they were doing could simply add their own code to a webapp to extract whatever details they wished from the database, with the same credentials as the webapp. Of course, that webapp should not connect to SQL Server using sa, or in fact anything in the sysadmin or dbo roles.

At this point, assuming you keep a different password for each machine, I cannot see why Windows authentication is significantly more secure than storing the account's password in cleartext.

Also, if you are taking the laptops offline, I would be *very* cautious about using domain accounts as service accounts. Windows will cache domain credentials for some time, but not forever. You do not want the application to fail due to losing the cached credentials.

- Peter
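As an added example (not code from either poster), here is the Tomcat JNDI resource definition the thread is arguing about: the cleartext sa setting Alexander wants to avoid, beside the service-account version Peter describes. The database name OfflineApp, the machine name LAPTOP01, the account svc_tomcat, the pool sizes and the granted roles are assumptions.

```xml
<!-- META-INF/context.xml of the offline webapp (assumed name: OfflineApp).
     Added example, not from the thread. -->
<Context>

  <!-- WEAK: a stolen laptop yields a sysadmin login in cleartext, and the
       webapp itself runs with sysadmin rights against the local database. -->
  <!--
  <Resource name="jdbc/OfflineApp" auth="Container" type="javax.sql.DataSource"
            driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver"
            url="jdbc:sqlserver://localhost:1433;databaseName=OfflineApp"
            username="sa" password="PLACEHOLDER-cleartext-sa-password"
            maxActive="8" maxIdle="4" maxWait="10000"/>
  -->

  <!-- BETTER: no credential in the file at all. The Tomcat Windows service
       runs as a dedicated low-privilege account (assumed: the machine-local
       account LAPTOP01\svc_tomcat rather than a domain account, so the login
       does not depend on cached domain credentials, the failure mode Peter
       warns about for offline laptops). integratedSecurity=true makes the
       Microsoft JDBC driver authenticate as that process account; it needs
       sqljdbc_auth.dll on java.library.path. jTDS does the same when no
       user/password is given and its ntlmauth.dll is on the path. -->
  <Resource name="jdbc/OfflineApp" auth="Container" type="javax.sql.DataSource"
            driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver"
            url="jdbc:sqlserver://localhost:1433;databaseName=OfflineApp;integratedSecurity=true"
            maxActive="8" maxIdle="4" maxWait="10000"/>

  <!-- On the SQL Server side the service account gets only what the webapp
       needs (assumed roles), never sysadmin or db_owner:
         CREATE LOGIN [LAPTOP01\svc_tomcat] FROM WINDOWS;
         USE OfflineApp;
         CREATE USER [svc_tomcat] FOR LOGIN [LAPTOP01\svc_tomcat];
         EXEC sp_addrolemember 'db_datareader', 'svc_tomcat';
         EXEC sp_addrolemember 'db_datawriter', 'svc_tomcat';
       Peter's point still holds: code running inside the webapp has every
       right this account has, so the role grants are what bound the damage. -->
</Context>
```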