R
Ramon
Hi,
I am doing an experimental project (using JSP) where I am implementing a
fictional holiday booking system. Details about the users (admins and
customers) and holidays are stored in a DB (using MySQL).
I am currently saving the user details (username, password and if the
user is an admin) in a table. In order to verify if the user's login is
correct, the system needs to go to the DB and check in the appropriate
table. In order to do this operation, I have created an DB account
(named it dbuser) which has the rights to (at least) read the users
table...etc.
My question:
Where should the password of this account (i.e dbuser) be stored?
(Currently it is hard-coded in a Java Bean, which is not the best way to
do so... BTW the users' passwords in the table are hashed. I
appreciate any suggestion).
Thanks.
I am doing an experimental project (using JSP) where I am implementing a
fictional holiday booking system. Details about the users (admins and
customers) and holidays are stored in a DB (using MySQL).
I am currently saving the user details (username, password and if the
user is an admin) in a table. In order to verify if the user's login is
correct, the system needs to go to the DB and check in the appropriate
table. In order to do this operation, I have created an DB account
(named it dbuser) which has the rights to (at least) read the users
table...etc.
My question:
Where should the password of this account (i.e dbuser) be stored?
(Currently it is hard-coded in a Java Bean, which is not the best way to
do so... BTW the users' passwords in the table are hashed. I
appreciate any suggestion).
Thanks.