Results 1 to 2 of 2

Thread: Generic approach for storing credentials

Hybrid View

  1. #1
    Join Date
    Feb 2012
    Rep Power

    Default Generic approach for storing credentials

    Hi folks,

    we're currently developing several zimlets that integrate with other systems (eg. cms, erp, etc).
    These zimlets (more precisely: their backend jsp code) need the proper user credentials to these
    external systems.

    For now, we're storing them in the user-zimlet-properties, but they can be accessed by frontend
    javascript code, which imposes an security risk. So we'll need to move them to some other
    datasource. Options are:

    a) filesystem: a bit tricky to guarantee atomicity and not suited for multiserver (would require additional sychronization)
    b) mailboxd database: not suited for multiserver, like w/ filesystem
    c) ldap: requires schema extension (that must be maintained across zcs separate versions, more complex on zcs upgrades)
    d) separate database server: quite complex to set up (far out of scope for a simple zimlet)

    The first step we're probably going is to abstract away the access to such information, so we can choose the underlying actual storage later (maybe configurable or even supporting multiple ones).

    Any ideas on this ?


  2. #2
    Join Date
    Jan 2010
    Rep Power


    Not a direct answer to your question, but you can use the zimbraZimletDataSensitiveInMixedModeDisabled ldap attr to disable zimlets exchanging sensitive data with the server operating in mixed (both http/https) mode.

Similar Threads

  1. Replies: 0
    Last Post: 12-15-2009, 02:36 AM
  2. Greylisting and a new approach ?
    By uxbod in forum Administrators
    Replies: 2
    Last Post: 11-22-2009, 11:14 PM
  3. Best approach to authentication dilemma
    By w00005414 in forum Administrators
    Replies: 1
    Last Post: 06-08-2009, 01:02 PM
  4. Question on an approach to take
    By dlochart in forum Administrators
    Replies: 4
    Last Post: 03-30-2007, 02:21 PM
  5. Replies: 3
    Last Post: 08-24-2006, 06:27 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts