存储批处理作业的密码 [英] Storing passwords for batch jobs

问题描述

我有一个使用需要授权的网络服务的小 Java 程序.因此 java prog(将使用 Windows 任务调度程序运行)需要有一个用户/密码参数.如何将它们存储在某处而不将它们作为纯文本放置在文件中?

I have a little java prog that uses a webservice which needs authorization. So the java prog (which is to be run using windows task scheduler) needs to have a user/password argument. How can I store these somewhere without having them laying around in a file as plaintext?

到目前为止，我已经尝试使用 runtime.getRuntime 和 CACLS 来获得纯文本文件，但更改了权限，因此只有所有者才能打开它(不起作用，不知道为什么).

So far I've tried using runtime.getRuntime and CACLS to have a plaintext file but alter the permissions so only the owner could open it (didn't work, not sure why).

密码加密不起作用，因为如果我将哈希传递给网络服务，网络服务只是错误什么?拒绝，迷路了"，但如果我使用密钥加密，您需要一个密码来解密密码.我在哪里存储它.:P

Password encryption doesn't work because if I pass the hash to the webservice, the webservice is just "errr what? denied, get lost", but if I use secret key encryption you need a password to decrypt the password. and where do I store that. :P

帮助?请?:)

谢谢.

推荐答案

简单的答案是:

你不能让它完全安全，但你可以让它稍微安全.

You can't make it entirely secure but you can make it marginally more secure.

您不能对密码进行哈希处理，因为这会阻止您的程序使用它.

You CAN NOT hash the password because this would prevent it's use by your program.

您可以将密码放在文件中并使用操作系统权限保护该文件.您需要允许执行程序的进程读取访问权限.这可以防止任何没有管理员权限的人查看密码.

You CAN put the password in a file and protect the file using the OS permissions. You will need to allow the process executing your program read access. This prevents anyone without administrator rights from viewing the password.

您可以加密密码并在程序中提供密钥.这可以防止那些可以读取文件但不会阻止(甚至减慢)可以访问密码和您的程序的人随意查看密码.

You CAN encrypt the password and provide the key in your program. This prevents casual observation of the password by those who can read the file but will not stop (or even slow down much) someone with access to the password and your program.

其他任何东西都或多或少是剧院.

Anything else is more or less theater.

这篇关于存储批处理作业的密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！