Secure Coding mailing list archives

Re: Credentials for Application use


From: Michael Silk <michaelslists () gmail com>
Date: Thu, 12 May 2005 19:17:15 +0100

If you are just talking about a password to access a db, the 'typical'
approach (at least the approach I use) is just to store that password
in the code/config file. You may like to add a layer to that by
encrypting it in some config file, and requiring a 'decryption'
(initialisation) of the 'server' to take place, where the key is
entered and the db password is kept in 'application' memory until the
next reset, etc.

But, if you want to use the db resource to manage permissions for various
users AS WELL as your app logic (i.e. some redundant security system;
[which is good]) then you'll need to create sql/whatever accounts for
each user, obviously.

Depends what you want, I guess. I think the answer to your question is
that the password is stored in a config file.

-- Michael

On 5/12/05, Mikey <[EMAIL PROTECTED]> wrote:
Chris,

Your situation is a little unique in that you encrypt the data with the
password. The data backend I was referring to is simply a backend database
like an SQL Server, Oracle 8i or DB2 data repository. All users need to do
to get access to it is to authenticate to it and then have the right access
controls to its tables/rows.

SSO may solve my problem but the problem I have right now is that SSO is
not here for us yet. What I'd like to understand is from people with
experience in this stuff who have not implemented enterprise SSO solutions
so that I can get that light bulb above my head to work. :-)

Thanks.

At 11:00 AM 11/05/2005 -0500, Gizmo wrote:
Maybe I don't fully understand the concept of Single Sign-On.

As I understand it, SSO allows a user to login to an application portal, and
all of the applications that user accesses via that portal know who the user
is and what rights they have within their respective application realms.  As
such, it is a front-end technology; the back-end applications don't know
anything about this.  Since my application is a server in a client-server
architecture, it is a back-end app.  In any case, SSO wouldn't help the
situation where the data are encrypted by the password, if the data are
accessed by more than one user.  The idea behind this implementation is to
ensure that even if a bad guy gains access to the server and the data files
of the DB, he still can't get at the actual data without the key.

Or am I missing something?

Later,
Chris
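The pattern Michael describes at the top of the thread (an encrypted DB password in the config file, unlocked once when the server is initialised and then held only in application memory until the next reset) as an added example; this is not code from the post or from the Secure Coding list, and every name in it is constructed here. It assumes pure standard-library Python, which has no AEAD cipher, so key derivation is PBKDF2-HMAC-SHA256 and the cipher is an HMAC-SHA256 keystream with an encrypt-then-MAC tag; that keystream construction is illustrative only, and a real deployment should substitute a vetted AEAD such as AES-GCM.

```python
"""Added example (not code from the post or the Secure Coding list): an
encrypted DB password in the config file, unlocked once at server
initialisation and then held only in process memory until the next reset.

Assumption: the Python standard library has no AEAD cipher, so this uses
PBKDF2-HMAC-SHA256 for key derivation plus an HMAC-SHA256 keystream with
an encrypt-then-MAC tag. The keystream construction is illustrative; use a
vetted AEAD such as AES-GCM in a real deployment."""
import hashlib
import hmac
import json
import secrets

PBKDF2_ITERS = 600_000  # assumed work factor; tune to the server hardware


def _derive_keys(passphrase: str, salt: bytes) -> tuple:
    """Derive separate encryption and MAC keys from the operator passphrase."""
    km = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt,
                             PBKDF2_ITERS, dklen=64)
    return km[:32], km[32:]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream built from HMAC-SHA256(key, nonce || counter)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal_credential(passphrase: str, db_password: str) -> dict:
    """Build the record written to the config file; it holds no plaintext."""
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    enc_key, mac_key = _derive_keys(passphrase, salt)
    pt = db_password.encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(enc_key, nonce, len(pt))))
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return {"salt": salt.hex(), "nonce": nonce.hex(),
            "ct": ct.hex(), "tag": tag.hex()}


def open_credential(passphrase: str, record: dict) -> str:
    """Verify the tag first, then decrypt; a wrong passphrase or a tampered
    config record both fail before any plaintext is produced."""
    salt, nonce = bytes.fromhex(record["salt"]), bytes.fromhex(record["nonce"])
    ct, tag = bytes.fromhex(record["ct"]), bytes.fromhex(record["tag"])
    enc_key, mac_key = _derive_keys(passphrase, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("wrong passphrase or tampered config record")
    return bytes(a ^ b for a, b in
                 zip(ct, _keystream(enc_key, nonce, len(ct)))).decode()


class DbCredentialHolder:
    """Keeps the decrypted password in memory from initialise() until reset()."""

    def __init__(self):
        self._password = None

    def initialise(self, passphrase: str, record: dict) -> None:
        """Called once by the operator at server start with the sealed record."""
        self._password = open_credential(passphrase, record)

    @property
    def is_initialised(self) -> bool:
        return self._password is not None

    @property
    def password(self) -> str:
        if self._password is None:
            raise RuntimeError("server not initialised: DB password unavailable")
        return self._password

    def reset(self) -> None:
        """Forget the credential; the next start needs the passphrase again."""
        self._password = None


def write_config(path: str, record: dict) -> None:
    """Persist only the sealed record (all an attacker with file access sees)."""
    with open(path, "w") as fh:
        json.dump(record, fh)


def read_config(path: str) -> dict:
    with open(path) as fh:
        return json.load(fh)


if __name__ == "__main__":
    import getpass
    import tempfile
    # Constructed values for the demo; the operator types the key at start-up.
    rec = seal_credential("operator-passphrase", "db-s3cret")
    cfg = tempfile.NamedTemporaryFile(suffix=".json", delete=False).name
    write_config(cfg, rec)
    holder = DbCredentialHolder()
    holder.initialise(getpass.getpass("Unlock key: "), read_config(cfg))
    print("DB password now held in memory only, length", len(holder.password))
```

The config file on disk carries salt, nonce, ciphertext and tag but never the password, and the tag check means a modified record (or the wrong unlock key) is refused rather than yielding garbage that gets sent to the database.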