Does anyone know how to export stored passwords for registered servers in Aqua Data Studio?
To be clear, I want the plain text password for each saved connection.
If the intent is to transfer your registered servers to a new laptop, the pfile.properties file needs to be copied to the new device along with the connections subfolder (actually, the entire .datastudio directory). You don't need them in plaintext to do that.
If you are looking to get the plaintext passwords for another reason, say to switch to a different SQL studio app, I haven't seen any way to do that.
Related
I have the problem, that if i deploy my 64bit application on a customer computer, i get the error message:
encryption dll "dbfips16.dll" could not be loaded.
The curious thing is, that on my notebook and some other computers it's working pretty well. I tried to add the dll's to our deployment, but could not find it in the Sybase 16 directory, do i have to download the seperatly?
(I currently i did not want to use any encryption)
P.S. i use simple file based deployment.
EDIT
I use the sybase 16 ADO.net driver (c#).
The problem only appears on one server.
EDIT
server=***;dbn=***;charset=utf-8;links=TCPIP;UID=***;PWD=***;ENC=None
The dbfips16.dll is only loaded when the connection string tells the client to use FIPS-validated encryption. If you don't want to use encryption at all, the ENCRYPTION parameter should not be set, or should be set to "none". Also check to make sure that the SQLCONNECT environment variable is not set (or doesn't contain the ENCRYPTION parameter).
If this doesn't help, can you post the contents of the connection string and/or DSN?
Disclaimer: I work for SAP in SQL Anywhere engineering.
The Problem:
We have a web-based medical software application that as part of the solution, allows people to upload and share files. The process of saving, and uploading those files from their source electronic medical record application into ours is cumbersome for the users.
The Goal:
I'd like to have a way for them to "print" from the source application, via a standard print dialog (necessary because we can't control the source application), but have that document actually uploaded to our web app either through a web service, or IPP or similar.
The Complication:
We also need some contextual data: Which patient does this thing you're printing belong to? This is done through an identifier which the user would need to specify, and we would match up on our side.
What I need help with:
I don't know enough about print drivers, port redirection (e.g. RedMon), or IPP or anything like that to know how this should be architected. Here's my stab at it. Will this work? Is there an easier way?
The user installs RedMon or similar and a custom local application we've written to capture the printer image
This triggers the local application to prompt the user for the patient information we need to match up the document
The local program then authenticates, and uploads the file to our webservice and is available to the user.
I guess your users OS is windows, so a good starting point is PDFCreator (a open source virtual printer for windows).
Save your documents as:
PDF,
PNG,
JPEG,
BMP,
PCX,
TIFF,
PS,
EPS,
TXT,
PSD,
PCL,
Raw,
SVG
to the local filesystem by specifying the location and using a file naming convention. Use the Action after saving to run a shell script. Use this shell script to ask the user for further meta-data and let this script do the upload to your web service.
PDFCreator is open source (you can find it on sourceforge.com) so you are may be able to add some fields for meta data to the printer dialog and passing them by file naming convention to the shell script.
Another option is to collect all uploads in your webapplication and add meta data after upload. May be it is an option to implement a "virtual printer queue" for each user (identified by uploader / author / windows user name / upload from host name).
May be you can start here (not tested):
Scripts/RunProgramAfterSaving/FTPUpload.vbs
May be interesting, too:
Scripts/RunProgramAfterSaving/PopUpMessage.vbs
Note: Watchout to not install adware with the PDFCreator setup.
I'm working on a C++ application that stores (and frequently accesses) its data across many files within a single directory via numerous classes, database libraries, etc. I would like to start encrypting all this data on disk using a key managed by the application.
On windows, programmatically enabling EFS for the directory would be perfect if the application could set the encryption key directly rather than using one based on the logged-in user's password. This does not seem possible.
Because there are numerous places in the code that read/write files, some with full random-access, a library that exports something akin to the OS file operation API would be easiest in the absence of direct OS support.
Windows is the biggest user base but something usable on Mac and Linux would be a big plus.
Any suggestions?
Configure the application to run as a service account, intended only for it. Then, configure EFS. Since the application's service account will own the files, its user-specific keys should be the only valid EFS keys for it, so only the application (which will be the only thing running under this new service account) will be able to access the files.
Have you considered storing the files in an encrypted archive, such as a zip file? Not knowing what language you're working in makes it difficult to give a more specific answer.
I am not an expert but I have a few suggestions,
('user' is considered Male here)
In Windows, when an user is logged in, he will have all the rights to manipulate a file or folder which belongs to him.
But, if he tries to manipulate files or folders which belong to other users, he is not allowed to do so. So, he can't manipulate other user's files.
If the user is administrator, he will have all the rights to manipulate the file.
In your case, I believe the user is not administrator.
So, I suggest to you to:
Create a user for this application, say Bob(Bob is not the user who is going to use this application).
Then you create a folder to store your files and give all permission only to Bob(and the admin).
For all others, there no permission to do anything to the folder.
Your application must be installed by administrator.
When you start, Your application asks Bob's password from current user.
If the password is correct,
Using your application allow full access folder permission to the current user. Then application can work as you wish.
If the user quits the application,
Remove all permission for current user so that after quitting this application others can't access that content.
But Administrator can still access this content.
This is similar like Linux user management.
When you are getting a shell you can change user using su username when finishes the work and he quits the shell then others can't use those files. But root user can do anything in Linux.
But there is one problem.
Administrator can get full content and access since he can modify the permissions.
To disallow this, save the files by zipping using any technique and by using a password. That password is only known by the user who uses it. Before saving a file to the folder, zip it using a password. Before using the file, unzip it using the password.
If the zipping password is same as user password, then there is a problem.
The administrator can reset user password to something and open his account.
To prevent this you can use the following technique:
Use zip password as reverse of user password, so that if his password is 1234 the zipping password is 4321, or use hash value of user password as zipping password.
If the zip password is hash value like MD5 hash or SHA-1 then brute force on zip file won't work due to the password length.
I don't know if this is a working solution or not or if this can be implemented or not.
But you can take some ideas out of this, if you think there is some good ideas in this.
Unless I've missed something in your question, TrueCrypt seems to be an ideal solution for you.
It will allow to:
Utilize existing OS file API (as the mounted volume will behave just like regular volume)
Programmatically manage access key (password)
Limit access to the mounted volume (by OS mechanics)
Utilize same principles on all the platforms (Windows, Mac, Linux)
Or, if you want, you can encrypt/decrypt individual files with it.
There's a number of examples on how to use it around.
I need to setup a process to update a database table with user supplied CSV-data (running Coldfusion 8/MySQL 5.0.88).
I'm not sure about the best way to do this.
Should I give users FTP-access to my system, generate a directory for every user and upload files from there, or should I pick files up from external locations, so the user has to setup an FTP folder my system can access. I'm sort of leaning towards the 2nd way and wanted to set this up using cfschedule and cfftp, but I'm not sure this is the best way to go forward. Security wise, I'm mor inclined to have users specify an FTP location, from where I pull, rather than handing out and maintaing FTP folders for every user.
Question:
Which approach is better both in terms of security and automation?
Thanks for input!
I wouldn't use either approach. I would give the users a web page to upload their csv files. The cf page that accepts the files would place them into a specific folder and make sure they have unique filenames. The cffile tag will help you with that.
The scheduled job would start with a cfdirectory tag on the target folder. This creates a query object. Loop through it and do what you have to do with each file.
Remember to check for the correct file extension. Then look at the first line of the file to ensure it matches the expected format.
Once you have finished processing the file, do something with it so that you don't process it again on the next scheduled job.
Setting up a custom FTP server is certainly a possibility, since you are able to create users, and give them privileges (automated). It is also secure.
But I don't know the best place to start if you don't have any experience with setting up a FTP server.
Try https://www.dropbox.com/
a.)Create a dropbox account,send invites to your users/clients.
b.)You can upload files/folders into dropbox,your clients/users can access it from their
dropbox account/dropbox desktop app..
c.)Your users/clients can upload files/folders and you can access it from your dropbox
website account/desktop app.
Dropbox is rank 1 software, better in security and automation.
Other solutions:
Best solution GOOGLE DRIVE(5gb free)
create a new gmail account,give ur id and password to your users.ask them to open google drive and import/export files.or try skydrive(25gb free)
http://www.syncplicity.com/
https://www.cubby.com/
http://www.huddle.com/?source=cj&aff=4003003
http://www.egnyte.com/
http://www.sharefile.com/
The question says it all: I want to change information about datasources on multiple coldfusion servers. Can this be scripted? Ideally, a solution would work on both CFMX 6.1 and CF8
Can you use the API cfc's for version 8
http://livedocs.adobe.com/coldfusion/8/htmldocs/help.html?content=basiconfig_37.html
With 6.1 I think you are out of luck. It stores the password in an XML file somewhere I believe, you'd have to read it in change it and save. That would work for both versions.
Well, you could write an application that makes use of the Admin API and use the CFIDE/adminapi/datasource.cfc, but that won't work in CFMX 6.1 because Admin API didn't exist then, so you'd have to use the unsupported ServiceFactory instead.
On the other hand, a hackish approach (a hack that I would actually use) is to first create a temp datasource with the new password then read the neo-datasource.xml (CF8) or neo-query.xml (CFMX 6.1) to get the encrypted version. Then find the encrypted version of the password that already exists that you wish to change. Then simply do a string replace in those XML config files for each server where you find the existing encrypted password and replace it with the new encrypted version. It will work fine, but do the swap while CF is shutdown coz it keeps a copy of the existing passwords in memory and will need to re-read the xml config files.