i've got lot of automated services need passwords various resources. databases, servers, , forth.
my question is, what's best way secure these passwords while allowing applications retrieve them in secure manner?
the current idea web api can query grab passwords. pass in authtoken , key , associated password.
the authtoken gets checked validity (and permissions) before handing password.
my concern how verify further application outside of having authtoken.
unfortunately i'm not working ad domain, that's out of picture.
how have other people solved problem?
in case wasn't clear, if don't have ad domain available don't have ability ship hardware modules every datacenter going implemented.
i apologize if seems redundant, seems context gets lost on folks.
Comments
Post a Comment