Hosting Provided By

Application to Application authentication models....

From: r s <richard.scott(at)bestbuy.com>
Date: Tue Jan 28 2003 - 15:46:09 EST

('binary' encoding is not supported, stored as-is)

Greetings all,

I am posting this here in teh hope to get some direction as to where next to look. This ismore of an architecture question and not specific to programming.

Given an enterprise Java, LDAP and Small PKI infrastructure what would be a recommended solution to securing connection credentials to database systems, queues etc.

Given that applications can be built in Java and the logical storage of credentials to be stored in LDAP. What authentication mechanism, model, architecture best allows applications legitimate access to LDAP schema to obtain sensitive data such as connection credentials to database systems?

The idea is to have developed applications use a framework to securely obtain correct credentials for the applications based in environments in DEV, QA and PROD.

Thus given some environment, the application executred within the framework and requests to connect to the HR database, for example. The application then must be authenticated and if successful, the framework obtains the connection credentials to build a connection to the database. By running the same code in QA, the credentials for the QA database is given, not the production one. A call for the production database from a QA server is prohibited.

Any ideas of how this can be enforced?

cheers
r./ Received on Tue Jan 28 16:33:11 2003

Do you need help?

This message: [ Message body ]
Next message: NESTING, DAVID M (SBCSI): "RE: Application to Application authentication models...."
Previous message: Timo Sirainen: "Re: safe strcpy()?"
Reply: NESTING, DAVID M (SBCSI): "RE: Application to Application authentication models...."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:45 EDT