Manualshelf

User guide

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE ENTERPRISE SERVER 6.0 - PROGRAMMER GUIDE TO SERVLETS
81828384858687888990
Chapter 2: Security Measures
2-16
Security Measures for the J2EE Resource Access
Definition
This section explains the following topic:
Leakage of Password Information
Leakage of Password Information
The J2EE resource access definition can hold definitions of access information for various resources
used by J2EE applications. This access definition information is saved in a file, which includes
password information. There is a possible threat that an ill-intentioned person may furtively read this file.
A countermeasure for defending the file storing password information from threats is to make it
inaccessible by end users. For this purpose, it is recommended to set a rule that only users having
administrator authorization (superuser for a Solaris OE/Linux system, and Administrator for Windows(R)
system) can use the J2EE resource access definition.