Oracle Tips by Burleson

Encrypting the dads.conf Passwords

The dads.conf file shows that the password is in plain text, which is not the best option for purposes of security.  Oracle provides an obfuscation utility to encrypt the password.  The dadtool.pl perl script will make a copy of the dads.conf file and modify the PlsqlDatabasePassword configuration parameter to an encrypted format.  This will prevent anyone from being able to read the password from the dads.conf file.  To run the obfuscationtool, navigate to the ORACLE_HOME\Apache\modplsql\conf directory in a DOS prompt and run the following command:

perl dadTool.pl –o

This may require setting some environment variables. To make it easy, I create a batch file to run the command.  Shown below are the contents of the file: 

The encryptdad.* files should be saved in the same directory as the dads.conf file described above.  The dadTool.pl file is also in this directory.  The encryptdad.bat file can be run the following ways.

After running the obfuscation utility, the PlsqlDatabasePasswordconfiguration parameter will be modified to something like: 

PlsqlDatabasePassword          @BUCZxYS3xQEoOxn4UQw98lU=

At this point, the HTTP Server will have to be stopped and restarted.  For UNIX/Linux, the script created in Chapter 1 of this book can be used.  For Windows, the Restart HTTP Server shortcut created off the start menu can be used.

The above book excerpt is from:

Easy HTML-DB Oracle Application Express

Create Dynamic Web Pages with OAE

ISBN 0-9761573-1-4   

Michael Cunningham & Kent Crotty

http://www.rampant-books.com/book_2005_2_html_db.htm