This helps a lot. I am not worried about hackers getting into our system so much as programmers reading the XML file and getting a privileged password. Not a big deal, we can just captivate the account and keep "immoral" programmers out.
Thanks! On 4/17/06, Mark Thomas <[EMAIL PROTECTED]> wrote: > > Marc Farrow wrote: > > I learned how to do this last week and I am enjoying the ease of setup > in > > order to accomplish this. However, I would like to expand on this a bit > > further and use the SHA encrypting with my database password (the one > used > > in Tomcat's connection pooling). Is this possible? If so, can someone > lead > > me in the right direction? > > It isn't possible. This comes up a lot so I will try and explain why. > > Starting with the Tomcat users example where you can use hashed passwords: > - Tomcat stores the hashed password > - User enters protected area of website > - Tomcat prompts for password > - User enters it > - Tomcat hashes entered password and compares to stored hash > > In this scenario, if someone obtains the hashed password it is > relatively little use on its own since it is difficult to go from > hashed password to plain text password. > > Moving on to the database password case: > - Tomcat connects to database > - Database prompts for password > - Tomcat reads password from config > - Tomcat provides password to database > - Database allows Tomcat access > > In this second case Tomcat is the client rather than the server and > therefore needs the plain-text password in order to pass it to the > database. > > Hashing the password doesn't help since Tomcat must use the actual > password to access the database. > > Encrypting doesn't help either, since Tomcat would have to decrypt it > to use it, which means the decryption key must be accessible to > Tomcat. If the decryption key is accessible to Tomcat then it will be > accessible to whoever has access to the encrypted password too. > Therefore the encryption would be pointless. > > Which brings me on to a much more important point. *If someone has got > enough access to your server to read server.xml and/or > tomcat-users.xml you have much bigger problems*. Your server is > totally compromised at this point. An attacker could do pretty much > whatever they wanted. With this level of control over a server there > are more options for an attacker than I have time to list here. > Suffice to say, encrypting the users passwords isn't going to help at all. > > Hope this helps, > > Mark > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Marc Farrow
