Roedy Green wrote:
I notice that in all the scripts I have seen people just insert their
passwords as plain text in the scripts, e.g. for jarsigning.
I don't want to do that since I will be distributing the scripts along
with source code.
It seems there are several ways you could handle it:
1. put the password in the registry.
2. make the password a system property you insert from a set variable.
3. put it in a file
4. something cleverer that makes you enter it and it remembers for a few
hours.
I wondered what is considered standard practice.
-beware of passing things on the command line, as on unix its visible to
all users via the ps command
-you can use <input> to ask for a password; it will be echoed (java's fault)
I keep passwords in properties files in a subdirectory that is locked
down with very restricted access, not in SCM.
-steve
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
