Although I think a java KeyStore may still be the solution to my
original cross-platform problem, since I can't count on a login
keychain or even access permissions being present. One problem there
being a single KeyStore password might be required rather than
KeyStore + alias passwords. So somewhat weaker protection for secure
private information like mysql passwords.
Try creating a "JKS" keystore and finding out how it uses its password
args. This appears to be fairly easy to do. I think the 'keytool'
command
can do it.
I have done this already and yes it does work. I have even used it
with the KeyStore located on my iPod. Worked fine. I used it as a
basic command line tool to keep track of run of the mill internet
passwords. The browsers don't always seem to want to save all of them
and the browsers seem more apt to have standard attacks against their
known location files I guess is my thinking for having my own.
That already uses a little simplification so that you only need to
remember one password.
For my application I was hoping for something more secure but I can
adapt what I have and it should work. KeyStore access usually unless
you intentionally simplify it allows for both a password for the file
and each alias. So while I would hope for something more secure than
default this actually weakens it. Oh well.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Java-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/java-dev/email@hidden
This email sent to email@hidden
