Hello,
We have some java application using its own datasource to connect
to the database. This requires either hardcoding username and password or
put it in a config file. Is there a way for this jav app to use
datasources defined in Coldfusion so that java app can share the same db
You have to dig into the Admin API, but it can be done. You have to
pass the datasource into the java object from CF.
ap
On Apr 2, 2008, at 9:41 AM, [EMAIL PROTECTED] wrote:
Hello,
We have some java application using its own datasource to
connect to the database. This requires
Or you can do it the other way around: if this is a Java app that's a
servlet or JSP, which is running in the same J2EE container as your CF app,
and your CF app is running on CF Enterprise (7 or 8), you can change CF to
use a JNDI datasource instead of a native CF datasource. JNDI datasources
are
But of course any of those configs is vulnerable to the password being
stolen. Its an interesting problem for production boxes and one I
hope to see a whitepaper from Foundstone on soon... ;-)
There are some products out there that allow credentials to be
checked out when needed (think
In addition to the other suggestions a very quick way to get by this
issue may be to consider creating a generic application specific user id
in the database and use that id in your existing java app without
changing anything. You can then control the user id access with
security (roles and
I would never, ever use my user logins as the DB logins. That's just
a nightmare to manage.
-dhs
Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
Free speech exercised both individually and through a free press, is
a necessity in any country where people are themselves free.
-- Theodore
I've used the approach Charlie outlined before. In both the JMC and
CFAdmin tools the dsn password is encrypted in the xml file.
DK
On 4/2/08, Dean H. Saxe [EMAIL PROTECTED] wrote:
But of course any of those configs is vulnerable to the password being
stolen. Its an interesting problem for
Encrypted with a symmetric encryption routine or possibly encoded.
Then the key storage becomes an issue, because it clearly can't be
stored securely if the server can restart on its own. This is the
same route a lot of servers like WebSphere use and is known to be
easily
Thanks Doug and Charlie. I will try to define and use the JNDI
datasources. One question. If I define a JNDI datasource with the user
name and password while defining, then do I need to reenter user name and
password again in CFAdmin when I define the datasource as J2EE datasource
type?
It really isn't a nightmare based on roles and permissions and since the
logins are centrally managed in one place that would further alleviate
any management headaches. This goes back to the age old question about
data and applications. Application authentication can be combined with
data
10 matches
Mail list logo