[英]How to store multi-tenancy passwords?
How is the proper way to store passwords for each tenancy database? 如何为每个租户数据库存储密码的正确方法?
Tenancy manager: 租务经理:
id | domain | host | user | pass | db
---------------------------------------------------------
1 | website.com | 127.0.0.1 | root | HOW? | website.com
When a domain connect to application, tenancy manager should get the tenancy information and connect to apropriate database, but, I can't imagine how to store, in a secure way, the password, which I need to decrypt to make each connection. 当域连接到应用程序时,租户管理器应该获取租户信息并连接到适当的数据库,但是,我无法想象如何以安全的方式存储密码,而我需要解密该密码才能建立每个连接。
Maybe a PHP approach is more safe than a database approach? 也许PHP方法比数据库方法更安全? But how?
但是如何?
What about using public/private key encryption mechanism ( http://en.wikipedia.org/wiki/Public-key_cryptography ) . 关于使用公共/专用密钥加密机制( http://en.wikipedia.org/wiki/Public-key_cryptography )呢? You could persist your passwords in mysql encrypted with a public key.
您可以将密码保存在使用公钥加密的mysql中。 When read the password you could decrypt it with a private key that would be securely stored in your keystore.
读取密码后,您可以使用私钥将其解密,该私钥将安全地存储在密钥库中。
you could use http://www.openssl.org/ to create and manage your keystore. 您可以使用http://www.openssl.org/创建和管理密钥库。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.