Hi!
I am trying to secure my passwords on a development machine in such a way that they "can not be retrieved" if my laptop is stolen. I'm using Glassfish with Eclipse 3.4.1.
I have changed the master password using change-master-password --savemasterpassword=true.
When I start my server, Eclipse will display the master-password in plain text in its console. Which is not what I was hoping for. If I uncheck the Allocate Console box in the Commons tab of the launch configuration It will not display the password. But this can easily be changed back which means that its not a viable solution.
I have also tried to set --passwordfile and having Eclipse to prompt for the password in the launch configuration. But none of them seem to work.
My ideas have been to either stop glassfish from sending the password to the console or have the master-password file moved to at secure location not on my machine or have a password file with the masterpassword located on a similar secure location. Making it "impossible" to start the server/domain without being logged on to the secure location.
I haven't succeeded with any of the ideas above and I might just be going about this in the wrong way.
The question is how do I secure my development environment (Eclipse/glassfish) so that the passwords cannot be retrived if my computer is stolen?
Any ideas or solutions are greatly appreciated.
Regards
/Eric
[Message sent by forum member 'eric1234' (eric1234)]
http://forums.java.net/jive/thread.jspa?messageID=341967