Mailing Lists: Apple Mailing Lists


Re: Cross-platform authentication




I have a cert in my non-login keychain, and with a Java test program that
just lists KeyStore aliases, it gets listed whether I provide a password or
not. But I expected this, because plain certs (which mine is) don't
contain secrets, so don't need passwords. I don't have any private keys in
my keychains, so I can't tell whether the rest of the test is doing what it
should or not. I have a number of passwords stored in my keychains, but
KeyStore doesn't list their aliases, so it can't return them.



A slight modification to the test case is required: what is generally needed is any non-null and non-empty password to access an individual entry.
Testing must have left off with null, which does not work, but any String like "test" does work?


So password needs to be something like...

		String password = "test",storepass = null,cert_alias = null;

used as

					Key k = ks.getKey(alias,password.toCharArray());

I have one private key in my KeyChain for testing. An RSA private key I added myself. So running the code ends up showing for my alias...

email@hidden is key entry is true
Sun RSA private CRT key, 2048 bits
....

Where ... includes
modulus:
public exponent:
private exponent:
prime p:
prime q:
prime exponent p:
prime exponent q:
crt coefficient:

all shown without a valid password of any kind being provided either for the KeyStore (KeyChain) or for the key?
This just does not seem right but I still may not be understanding correctly.


However, if you're looking for cross-platform authentication, then using
the Keychain keystore may not be the way to go, since it only exists on Mac
OS X. So regardless of how Keychain behaves or misbehaves with Java, you
can't use it cross-platform.


True. Which is why I was asking for ideas on cross-platform solutions.


Or are you keeping the MySQL database passwords in your KeyStore, and
retrieving them with a keystore-password for creating a JDBC connection?
In other words, is your JDBC connection the access-control checkpoint?


I'm seeing various pieces, but the big picture is murky:
  Who authenticates Whom for access to What.


You authenticate to mysql using a URL like
String url = new StringBuffer("jdbc:mysql://localhost/").append(db).append("?user=").append(System.getProperty("user.name")).toString();


and provide a password if needed, and my user needs one, like

        // some drivers do not implement this properly
        // if that is the case, prompt for user name and password
        try {
            if( required.length < 1 ) {
//                props.put("user", prompt("user: "));
                props.put("user", user);
                props.put("password", pw);
            }

Where I let user default to the user.name property although the dialog can override that and the dialog is where the password is entered.
That is what I would like to do once and then remember the password somewhere in some way accessible to this user, and to this user only, in the future without re-entering every time the application is run.
The same for any other authentication for this user in the future. I would like to save it in the same way and not end up having the user getting hit with repeated authentication dialogs. One up front master password/dialog like you see with OS X applications requiring admin privileges would be fine.



Mike Hall mikehall at spacestar dot net http://www.spacestar.net/users/mikehall http://sourceforge.net/projects/macnative
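
The message above raises two things: a key entry that is released for any non-empty password, and the wish to store a database password once under a single master password. The following is an added example, not code from this thread, showing both on a cross-platform keystore: it assumes the JCEKS keystore type of the Sun/Oracle JCE provider, and the class name, alias and password values are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.util.Arrays;
import javax.crypto.spec.SecretKeySpec;

public class KeyStorePasswordProbe {
    // True if the keystore refuses to release the key entry for a bogus password.
    static boolean enforcesKeyPassword(KeyStore ks, String alias, char[] bogus) throws Exception {
        if (!ks.isKeyEntry(alias)) {
            throw new IllegalArgumentException("not a key entry: " + alias);
        }
        try {
            return ks.getKey(alias, bogus) == null;   // a returned key means no enforcement
        } catch (UnrecoverableKeyException e) {
            return true;                              // the expected behaviour
        }
    }

    public static void main(String[] args) throws Exception {
        char[] master = "constructed-master-pw".toCharArray();               // sample value
        byte[] dbPw = "constructed-db-pw".getBytes(StandardCharsets.UTF_8);  // sample value
        String alias = "mysql-password";                                     // hypothetical alias

        // First run: seal the database password as a secret-key entry under the master password.
        KeyStore ks = KeyStore.getInstance("JCEKS");
        ks.load(null, null);
        ks.setKeyEntry(alias, new SecretKeySpec(dbPw, "RAW"), master, null);
        ByteArrayOutputStream saved = new ByteArrayOutputStream();  // stands in for a per-user file
        ks.store(saved, master);

        // Later run: one master-password prompt reloads the store and recovers the entry.
        KeyStore reloaded = KeyStore.getInstance("JCEKS");
        reloaded.load(new ByteArrayInputStream(saved.toByteArray()), master);
        Key k = reloaded.getKey(alias, master);
        System.out.println("recovered with master password: "
                + Arrays.equals(k.getEncoded(), dbPw));

        // The same probe as the test in the message: any non-empty String such as "test".
        System.out.println("rejects wrong key password: "
                + enforcesKeyPassword(reloaded, alias, "test".toCharArray()));
    }
}
```

JCEKS seals entries with password-based Triple DES, so the master password's strength and the file's permissions are what protect the stored value; the probe method can be pointed at any other `KeyStore` instance to check whether it enforces key passwords.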




Java-dev mailing list      (email@hidden)

References: 
 >Re: Cross-platform authentication (From: Greg Guerin <email@hidden>)




Copyright © 2007 Apple Inc. All rights reserved.