Entering the password on the command line could be an option if you
choose the Java Invocation API. I have done this in the past and it
has worked really well.
On 4/25/05, john bart <[EMAIL PROTECTED]> wrote:
> Hello to all the list.
> I need some advice on where to store the keystore's password.
> Right now, i have something like this in my code:
>
> keystore = KeyStore.getInstance("JKS");
> keystore.load(new FileInputStream("keystore.jks"),"PASSWORD");
>
> the question is, where do i store the password string? all of the
> possibilities that i thought about are not good enough:
> 1) storing it in the code - obviously not.
> 2) storing it in a seperate config file is also not secure.
> 3) entering the password at runtime is not an option.
> 4) encrypting the password - famous chicken and egg problem (storing the
> encryption key)
>
> Any ideas?
>
> _________________________________________________________________
> Express yourself instantly with MSN Messenger! Download today it's FREE!
> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
>
>
