Okay - bear with me here folk!
Imagine one has a database (for example Oracle) which requires a user id
and password to access. Now, imagine writing an application to let joe
user to look up and insert info into this table. HOWEVER, we do not
want to generally publish the user id and password; we want the coldfusion
app as the 'gateway' into the table.
So far, so good.
However, because of the gateway issue, hard coding the userid and password
into the cfm files is out - the cfm files are in general accessible by
someone browsing the directories.
The database itself is sensitive enough that the owner does not want the
userid and password put into the ColdFusion admin area either...
If you had to write an app where the database userid and password:
could not be hard coded,
could not be put into the admin area,
could not be entered via prompting
what approach would you use? Putting it into a file - encrypted or not -
doesn't work; the files are readable and so someone could just copy them
and build their own 'pseudo' app that accesses the data, right?
Looking for 'outside the box' possible solutions.
If it helps, the platform for the server is SPARC Solaris.
--
Never apply a Star Trek solution to a Babylon 5 problem.
Larry W. Virden <mailto:[EMAIL PROTECTED]> <URL: http://www.purl.org/NET/lvirden/>
Even if explicitly stated to the contrary, nothing in this posting should
be construed as representing my employer's opinions.
-><-
------------------------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message
with 'unsubscribe' in the body to [EMAIL PROTECTED]
