Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 1833 invoked from network); 7 Mar 2011 13:21:46 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 7 Mar 2011 13:21:46 -0000 Received: (qmail 3983 invoked by uid 500); 7 Mar 2011 13:21:43 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 3774 invoked by uid 500); 7 Mar 2011 13:21:43 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 3765 invoked by uid 99); 7 Mar 2011 13:21:43 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 07 Mar 2011 13:21:43 +0000 X-ASF-Spam-Status: No, hits=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE,RFC_ABUSE_POST,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of dckerber@verizon.net designates 206.46.173.3 as permitted sender) Received: from [206.46.173.3] (HELO vms173003pub.verizon.net) (206.46.173.3) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 07 Mar 2011 13:21:35 +0000 MIME-version: 1.0 Content-transfer-encoding: 8BIT Content-type: text/plain; charset=UTF-8; format=flowed Received: from [172.17.47.42] ([unknown] [216.41.111.254]) by vms173003.mailsrvcs.net (Sun Java(tm) System Messaging Server 7u2-7.02 32bit (built Apr 16 2009)) with ESMTPA id <0LHO0074RVQSWT60@vms173003.mailsrvcs.net> for users@tomcat.apache.org; Mon, 07 Mar 2011 07:20:56 -0600 (CST) Message-id: <4D74DBB4.6050201@verizon.net> Date: Mon, 07 Mar 2011 08:20:52 -0500 From: David kerber User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7 To: Tomcat Users List Subject: Re: Tomcat NTLM Authentication References: <4D73925C.8060207@ice-sa.com> <4D74BA8D.4070808@ice-sa.com> <4D74D828.5080808@ice-sa.com> In-reply-to: X-Virus-Checked: Checked by ClamAV on apache.org On 3/7/2011 8:10 AM, הילה wrote: > Hey, > I cannot look for it in Microsoft, since the Java is of SUN, and the > implementation is on the Java side, not the SQL Microsoft side. Microsoft may have a jdbc driver you could use, though. D > > Option no' 1 :] > User and password should not exist in clear text in the xml file. > > 2011/3/7 André Warnier > >> הילה wrote: >> >>> I'm using Microsoft SQL Server 2008, latest SP. >>> the use of domain user is used with the jtds package, which allows the >>> tomcat service to authenticate to the DB with the presence of native SSPI >>> DLL called ntlmauth.dll >>> However, it generated a memory leak in the server. So I'm looking for >>> alternatives. >>> >>> So, the problem now, correctly stated, is : >> >> - does there exist a Java driver for SQL Server 2008, which allows for NTLM >> authentication with SQL Server, and does not have a memory leak ? >> >> (and I would think that Microsoft would be the place to look first) >> >> >> But it is still a bad solution with respect to security, agreed ? >> >> It would still be interesting to know in what exact terms you were given >> this task. >> Did they tell you >> - that the userid and password should in no circumstances be stored in >> clear in any file on the Tomcat server (even if this file cannot be accessed >> by anyone) ? >> - or did they tell you : our security scanner found a file containing a >> user-id and password; this is not acceptable ? >> - or some other formulation ? >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org >> For additional commands, e-mail: users-help@tomcat.apache.org >> >> > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org