Menu
▾
▴
Re: [Treebase-devel] Inadvertently committed password
|
From: William P. <wil...@ya...> - 2011-05-28 23:19:33
|
Hi all, Myself, I don't know what code depends on this properties file. I was concerned that the dev password might be leaking out, so I searched for the password in eclipse and erased it wherever I saw it. (But of course, you're right that this would be retained in older versions...). At any rate, the OAI-PMH service works fine on dev (e.g.) even with the password now erased. Given that this code is in a "../test/.." path, I'm guessing that this properties file was being used by test/development code which Youjun wrote that is presently not needed given the way that the OAI service is currently deployed. bp On May 28, 2011, at 6:34 PM, Hilmar Lapp wrote: > That's a great suggestion. The application in question appears to be in Java, and doesn't it also run on the same server? > > Bill or Harry - could you comment on whether this is easy enough to accomplish? > > -hilmar > > On May 28, 2011, at 1:00 PM, Vladimir Gapeyev wrote: > >> In the treebase-web application, this problem of accidentally committing a password is avoided through using JNDI. This way the password is never under the source tree and never inside a WAR. Couldn't the same be done for oai-pmh_data_provider/data_provider_web, whatever it is? >> -Vladimir >> > > -- > =========================================================== > : Hilmar Lapp -:- Durham, NC -:- informatics.nescent.org : > =========================================================== > |
