הילה wrote:
> I'm using Microsoft SQL Server 2008, latest SP.
> the use of domain user is used with the jtds package, which allows the
> tomcat service to authenticate to the DB with the presence of native SSPI
> DLL called ntlmauth.dll
> However, it generated a memory leak in the server. So I'm looking for
> alternatives.
>
So, the problem now, correctly stated, is :
- does there exist a Java driver for SQL Server 2008, which allows for NTLM authentication
with SQL Server, and does not have a memory leak ?
(and I would think that Microsoft would be the place to look first)
But it is still a bad solution with respect to security, agreed ?
It would still be interesting to know in what exact terms you were given this task.
Did they tell you
- that the userid and password should in no circumstances be stored in clear in any file
on the Tomcat server (even if this file cannot be accessed by anyone) ?
- or did they tell you : our security scanner found a file containing a user-id and
password; this is not acceptable ?
- or some other formulation ?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
|