Where to store database credentials in a web app?

后端 未结 8 1430
离开以前
离开以前 2021-02-07 08:28

I\'m wondering what techniques you use to store the database credentials for your application. I\'m specifically concerned with java webapps, but I don\'t think there\'s any ne

8条回答
  •  醉梦人生
    2021-02-07 08:53

    Depends on the app server.

    I usually use JNDI lookups for the data source, so credentials are stored on the app server that handles the connection pool. No need to put anything other than the JNDI name in configuration that way.

    Yes, the password is encrypted on WebLogic.

    On Tomcat things can be dicey. Connection info is in META-INF/context.xml, which means plain text for the password. I only do that for development, never in production.

提交回复
热议问题