Where to store database credentials in a web app?

Question

I\'m wondering what techniques you use to store the database credentials for your application. I\'m specifically concerned with java webapps, but I don\'t think there\'s any ne

Answer 1

On the Microsoft stack, things can be very nice.

You create a network user account in Active Directory with almost no permissions. You configure IIS to run your webapp as that user. You grant that user read access to the web folders and files on the disk. You configure SQL Server to grant that user read/write permissions on the tables you want. And in the connection string, you instruct the db client to connect as the user account which the webapp is currently being run as.

There is only one actual user account, although it is visible in multiple places. This user account has extremely limited permissions. There is no storing passwords anywhere, even if encrypted. There is no configuration that has to be done in code for this to work (it's all in setting up the permissions).