?
Solved

Directories

Posted on 2003-03-28
5
Medium Priority
?
250 Views
Last Modified: 2010-03-31
Hi all,

I hope this is the right section where I'm asking this question, but :

We've got a lot of Java Web Applications. Now for security purposes, we've removed all the properties files from the Applications (Because there are passwords in the files that changes depending on where the applications get deployed to) and put then into a directory elsewhere on the Server. Now we have to protect the directory or do something so that no one can open the files and look for the passwords.
But how ? Or is there something else that I could rather do ?

Hope this makes sense.

Thank you

Pieter Jacobs
E-Mail : pietjac@iafrica.com
0
Comment
Question by:PieterJ
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 4

Accepted Solution

by:
girish_nair earned 252 total points
ID: 8229659
Hi,

If you are on a linux machine then you can use .htaccess files, so that no one can open it using a browser.

If you want that the files cannot  be opended by anyone except then give the directory appropriate perms.

The best idea is to keep the passwords encrypted. You can use  any utility like htpasswd or any builtin (JAVA) to encrypt it.

So Encryption+appropriate perms makes it more secure.

:)
0
 
LVL 86

Assisted Solution

by:CEHJ
CEHJ earned 248 total points
ID: 8230147
Passwords should never be stored in clear text. They should be encrypted using a one-way hash. *Nobody* should be able to read them - not even administrators.
0
 

Expert Comment

by:CleanupPing
ID: 9058413
PieterJ:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 15

Expert Comment

by:jimmack
ID: 9735446
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:

Split between girish_nair and CEHJ.

Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

jimmack
EE Cleanup Volunteer
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Java contains several comparison operators (e.g., <, <=, >, >=, ==, !=) that allow you to compare primitive values. However, these operators cannot be used to compare the contents of objects. Interface Comparable is used to allow objects of a cl…
In this post we will learn how to make Android Gesture Tutorial and give different functionality whenever a user Touch or Scroll android screen.
Viewers learn about the scanner class in this video and are introduced to receiving user input for their programs. Additionally, objects, conditional statements, and loops are used to help reinforce the concepts. Introduce Scanner class: Importing…
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
Suggested Courses
Course of the Month15 days, 4 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question