How to store multi-tenancy passwords?
Question
How is the proper way to store passwords for each tenancy database?
Tenancy manager:
id | domain | host | user | pass | db
---------------------------------------------------------
1 | website.com | 127.0.0.1 | root | HOW? | website.com
When a domain connect to application, tenancy manager should get the tenancy information and connect to apropriate database, but, I can't imagine how to store, in a secure way, the password, which I need to decrypt to make each connection.
Maybe a PHP approach is more safe than a database approach? But how?
1 answers
solution1
1 2013-02-09 23:08:59
What about using public/private key encryption mechanism ( http://en.wikipedia.org/wiki/Public-key_cryptography ) . You could persist your passwords in mysql encrypted with a public key. When read the password you could decrypt it with a private key that would be securely stored in your keystore.
you could use http://www.openssl.org/ to create and manage your keystore.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.