'Re: concealing passwords'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ant-user
Subject:    Re: concealing passwords
From:       Jeffrey E Care <carej () us ! ibm ! com>
Date:       2005-07-30 13:49:46
Message-ID: OFC7E7CE41.648145B9-ON8525704E.004B1E5B-8525704E.004BF61B () us ! ibm ! com
[Download RAW message or body]

--=_alternative 004BF53D8525704E_=
Content-Type: text/plain; charset="US-ASCII"

In WebSphere we use a two-tier property file system: 

*user.build.properties (located in $HOME) contains user specific 
properties (such as passwords) and any local settings the user wishes to 
override (such as whether to build the javadocs)
*build.properties (located in the source tree) contains the default 
properties that will be used unless overridden by the user

This system allows developer sandbox builds to be unique for every 
developer, and also subtly different from the production build if the 
developer wants to do that for whatever reason.

We also use our own logger that obfuscates passwords in the logs.

JEC
-- 
Jeffrey E. Care (carej@us.ibm.com)
WebSphere v7 Release Engineer
WebSphere Build Tooling Lead (Project Mantis)


Roedy Green <roedyg@mindprod.com> wrote on 07/30/2005 09:27:49 AM:

> I notice that in all the scripts I have seen people just insert their 
> passwords as plain text in the scripts, e.g. for jarsigning.
> 
> I don't want to do that since I will be distributing the scripts 
> along with source code.
> 
> It seems there are several ways you could handle it:
> 1. put the password in the registry.
> 2. make the password a system property you insert from a set variable.
> 3. put it in a file
> 4. something cleverer that makes you enter it and it remembers for afew 
hours.
> 
> I wondered what is considered standard practice.
> 
> 
> 
> Canadian Mind Products    roedyg@mindprod.com
> #327 - 964 Heywood Avenue
> Victoria, BC CANADA V8V 2Y5
> http://mindprod.com
> roedy green                (250) 361-9093 emergency
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@ant.apache.org
> For additional commands, e-mail: user-help@ant.apache.org
> 

--=_alternative 004BF53D8525704E_=--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic