I do not use the sa account for my web applications and I was only using it for the sake of example.
The main point of my thread was that you cannot use special characters when setting up a DSN via the web-based CFMX admin console. However, I do use a password with special characters in it for the CF admin account. This works quite well. But this is understandable because it is the installation wizard that I use when creating the password in the first place, which is not a web based application. Thanks for your comments everyone and hope this helps others. Dave Adams CFUG Ottawa Dave Watts wrote: >>I am not sure if this is a bug but in my MS-SQL server >>the password for my sa account is 'password�'. To create >>this password I type in p-a-s-s-w-o-r-d-alt142. >> >>I then proceed to create my DSN via MDAC. I then test it, >>which is successful. The problem then occurs when I go to >>CFMX admin and setup the DSN using 'sa' for username and >>'password�' for the password. When I then submit this >>configuration I get the nasty and well known error of >>"Connection verification failed for data source: data_source_name >>[]java.sql.SQLException: SQLException occurred in JDBCPool...." >> >>To correct the problem I had to replace my sa's password >>with something more basic such as 'password' and then CFMX >>accepted the DSN without a problem. >> >>By the way, I am using wacky passwords with �,�,�, etc >>because this was a recommedation in Eweeks OpenHack contest. >>It appears that Microsoft products don't have a problem >>with this password regime by CFMX certainly does. >> >>Give it a try if you don't believe me. >> >> > >Oh, I believe you, but I don't think it has anything to do with CFMX, >specifically. > >When you create a datasource for CFMX, you're using a web-based application, >and you're typing the password into a text box, which by default won't >accept special characters. > >If you want that much to use a special character, I imagine you could just >edit the appropriate configuration file by hand. Of course, you'd have to >encrypt the password first, using the same encryption that CFMX uses, but >that's pretty well-known, so I don't imagine it would be that difficult. > >However, rather than worry too much about E-Week's OpenHack recommendations, >I'd be more concerned about using the sa account from your web server, which >is a HUGE, GAPING SECURITY HOLE OF UNIMAGINABLE DEPTH. Instead, create SQL >logins that only have the appropriate rights to specific databases, and use >those logins within your CFMX datasources. That way, you don't have to worry >nearly as much about your sa account being compromised - after all, you're >currently storing the sa password on the web server! > >Dave Watts, CTO, Fig Leaf Software >http://www.figleaf.com/ >voice: (202) 797-5496 >fax: (202) 797-5444 > > ______________________________________________________________________ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm ------------------------------------------------------------------------------ To unsubscribe, send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body or visit the list page at www.houseoffusion.com
