Versions Compared

Version Old Version 3 New Version 4
Changes made by

Megan Ellis

Megan Ellis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Section
Column

When accessing your database from an externally hosted SaaS Server, follow these steps to ensure your data is secure. You may also wish to consider one or all of these step even when using the in-house version if you feel your intranet is not secure.

Using the Database Connector's security mechanism, combined with only accepting SSL connections to the database connector from the web application container, will prevent unauthorized access to your database queries. The steps below describe how to secure your data.

Column
width240px

On this page:

Table of Contents
maxLevel1

...

The  Database Connector automatically protects your data from Injection Attacks. No configuration is required for this security measure.

Database Password Security

While you cannot encrypt the database password in the <frevvo-home>\tomcat\conf\dbconnector.properties file, you can provide added security using one of the following methods:

  1. Define the data source at the container (tomcat) level for some added security. Please see this documentation which explains how.
  2. Store password as an OS Environment Variable and reference that variable in the dbconnector.properties file. See Secure Passwords in Tomcat for details.