directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ole Ersoy <>
Subject [DAS] Password Encryption
Date Wed, 11 Apr 2007 20:09:17 GMT
Hey Guys,

The DAS reads the JNDI connection's password
form the DAS's configuration file.

Right now I have the default set to "secret",
in plain text.

I'm thinking there should be a small utility
that comes with the DAS that generates a checksum (md5, sha1)
of the password that the user wants, and then the user
puts that in the configuration file.

After the DAS reads the configuration file, it decrypts
the password and adds it to the environment map used
by the connection.

Ideally the property used to store the decrypted password
is write only.  I think java security has some stuff for that,
but I gotta investigate.

Sound ok?

- Ole

View raw message