How to maintain DB passwords ? Nothing in clear text

Avatar

Avatar
Give Back
Level 2
ashtrick
Level 2

Likes

4 likes

Total Posts

48 posts

Correct reply

0 solutions
Top badges earned
Give Back
Validate 10
Validate 1
Boost 3
Boost 1
View profile

Avatar
Give Back
Level 2
ashtrick
Level 2

Likes

4 likes

Total Posts

48 posts

Correct reply

0 solutions
Top badges earned
Give Back
Validate 10
Validate 1
Boost 3
Boost 1
View profile
ashtrick
Level 2

15-10-2015

Hi All,

My application connects to database to get some data. Currently DB connection parameters and passwords are configured through felix console.Now the problem is anyone who has access to felix console can see the password for the DB. How do I prevent this? What is the best way of configuring these parameters?

Thanks

View Entire Topic

Avatar

Avatar
Boost 5
Employee
kalyanar
Employee

Likes

5 likes

Total Posts

182 posts

Correct reply

78 solutions
Top badges earned
Boost 5
Boost 3
Boost 1
Affirm 50
Affirm 5
View profile

Avatar
Boost 5
Employee
kalyanar
Employee

Likes

5 likes

Total Posts

182 posts

Correct reply

78 solutions
Top badges earned
Boost 5
Boost 3
Boost 1
Affirm 50
Affirm 5
View profile
kalyanar
Employee

15-10-2015

The most secure way would be to use X509 user certs and not user id and password(encrypted or unencrypted). Most DBs allow this. For example, for mysql http://www.coresecuritypatterns.com/blogs/?p=970 shows how and for mongodb,http://docs.mongodb.org/manual/tutorial/configure-x509-client-authentication/ shows how to do this.