...
This compliant solution reads the user name and password from a configuration file located in a secure directory:
| Code Block | ||||
|---|---|---|---|---|
| ||||
/* Returns nonzero if authenticated */ int authenticate(const char* code); int main() { #define CODE_LEN 50 char code[CODE_LEN]; printf("Please enter your authentication code:\n"); fgets(code, sizeof(code), stdin); int flag = authenticate(code); memset_s(code, 0, sizeof(code)); if (!flag) { printf("Access denied\n"); return -1; } printf("Access granted\n"); // ...Work with system return 0public final Connection getConnection() throws SQLException { String username; String password; // Username and password are read at runtime from a secure config file return DriverManager.getConnection( "jdbc:mysql://localhost/dbName", username, password); } |
It is also permissible to prompt the user for the user name and password at runtime.
...