Expand my Community achievements bar.

Submissions are now open for the 2026 Adobe Experience Maker Awards.
Apply Now

Mark Solution

This conversation has been locked due to inactivity. Please create a new post.

SOLVED

How to maintain DB passwords ? Nothing in clear text

Avatar

Level 3
Level 3
10/15/15 7:27:27 PM

Hi All,

My application connects to database to get some data. Currently DB connection parameters and passwords are configured through felix console.Now the problem is anyone who has access to felix console can see the password for the DB. How do I prevent this? What is the best way of configuring these parameters?

Thanks

Views

719

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Employee
Employee
10/15/15 7:27:27 PM

The most secure way would be to use X509 user certs and not user id and password(encrypted or unencrypted). Most DBs allow this. For example, for mysql http://www.coresecuritypatterns.com/blogs/?p=970 shows how and for mongodb,http://docs.mongodb.org/manual/tutorial/configure-x509-client-authentication/ shows how to do this.

View solution in original post

Views

673

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Correct answer by
Employee
Employee
10/15/15 7:27:27 PM

The most secure way would be to use X509 user certs and not user id and password(encrypted or unencrypted). Most DBs allow this. For example, for mysql http://www.coresecuritypatterns.com/blogs/?p=970 shows how and for mongodb,http://docs.mongodb.org/manual/tutorial/configure-x509-client-authentication/ shows how to do this.

Views

674

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 10
Level 10
10/15/15 7:27:27 PM

Also - its best practice to use ACLs and not let un-authorized users access to felix console. Only admins should have access to that. 

Views

618

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
How to mock/unit test a Sling filter that does a redirect? (and other questions) Solved

Views

111

Likes

0

Replies

2
AIO Plugin unable to push code to RDE environment or use any commands Solved

Views

618

Likes

0

Replies

2
OSGi config(Environment variable) not picked up in cloud Solved

Views

817

Likes

0

Replies

7
SSL update in Cloud Manager

Views

433

Likes

0

Replies

3
How to Expose a Custom Resolver Field in Content Fragments for AEM GraphQL queries Without Editing the Fragment Model

Views

934

Likes

0

Replies

3