Hi All,
My application connects to database to get some data. Currently DB connection parameters and passwords are configured through felix console.Now the problem is anyone who has access to felix console can see the password for the DB. How do I prevent this? What is the best way of configuring these parameters?
Thanks
Solved! Go to Solution.
Views
Replies
Total Likes
The most secure way would be to use X509 user certs and not user id and password(encrypted or unencrypted). Most DBs allow this. For example, for mysql http://www.coresecuritypatterns.com/blogs/?p=970 shows how and for mongodb,http://docs.mongodb.org/manual/tutorial/configure-x509-client-authentication/ shows how to do this.
Views
Replies
Total Likes
The most secure way would be to use X509 user certs and not user id and password(encrypted or unencrypted). Most DBs allow this. For example, for mysql http://www.coresecuritypatterns.com/blogs/?p=970 shows how and for mongodb,http://docs.mongodb.org/manual/tutorial/configure-x509-client-authentication/ shows how to do this.
Views
Replies
Total Likes
Also - its best practice to use ACLs and not let un-authorized users access to felix console. Only admins should have access to that.
Views
Replies
Total Likes