IBM® WebSphere® Application Server stores system passwords in files that are simply encoded. To support clients who want to implement their own password storage mechanism, WebSphere Application Server has provided a System Programming Interface (SPI) to do so. Encrypting these system passwords can provide some marginal additional security benefits for a specific class of vulnerability (poorly implemented application code), but it cannot provide defense against a malicious programmer or a determined attack. If you insist on implementing a password encryption solution, here is one example of how you could achieve this using the SPI. This content is part of the IBM WebSphere Developer Technical Journal.
Subscribe to:
Post Comments (Atom)
Note to self - Firefox and local connections
Whilst trying to hit my NAS from Firefox on my Mac, I kept seeing errors such as:- Unable to connect Firefox can’t establish a connection t...
No comments:
Post a Comment