Re: passwords and user ids
From: Luke Webber (luke_at_webber.com.au)
Date: 04/08/04
- Next message: Abdullah Kauchali: "Re: passwords and user ids"
- Previous message: Roedy Green: "passwords and user ids"
- In reply to: Roedy Green: "passwords and user ids"
- Next in thread: Abdullah Kauchali: "Re: passwords and user ids"
- Reply: Abdullah Kauchali: "Re: passwords and user ids"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 8 Apr 2004 13:46:04 +1000
"Roedy Green" <look-at-the-website@mindprod.com> wrote in message
news:kcc97012qhh965h56343hvknpuer0855a4@4ax.com...
> I wondered how the userid/password mechanism works.
>
> It seems to me the HTTP server and Servlet Womb (e.g. Resin/Tomcat)
> has its own authentication scheme, so they must each have their own
> list of user ids and passwords. Further the SQL database has user ids
> and passwords.
>
> 1. Is there some mechanism that keeps the three sets of passwords/user
> ids in sync?
>
> 2. Where does the sql userid/password come from. Is it burned into
> the source code, or does the app find it out from the womb and pass it
> through somehow?
The answer, as usual, is "it depends". Dealer's choice really. I tend to
keep the database username and password in the database URL, stored in a
properties file, with no attempt to utilise the web users' own privileges
and permissions. Too much bloody trouble trying to keep Web users up to date
with the database admin.
Luke
- Next message: Abdullah Kauchali: "Re: passwords and user ids"
- Previous message: Roedy Green: "passwords and user ids"
- In reply to: Roedy Green: "passwords and user ids"
- Next in thread: Abdullah Kauchali: "Re: passwords and user ids"
- Reply: Abdullah Kauchali: "Re: passwords and user ids"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
