Using LDAP authentication with liquibase
https://stackoverflow.com/questions/7563413
-
30-01-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianPregunta
Is it possible to use LDAP authentication with Liquibase?
If not, how have others solved the problem of automating changes to production database schemas using Liquibase (yet still keeping the database credentials secure)?
Solución
LDAP is used for server-side authentication. Not all databases support it, for example MySQL only supports it in it's Enterprise version.
Securing the credentials, used by clients like liquibase, falls into two categories:
- Protecting data in transit
- Protecting credentials at rest
To protect credentials in transit, I'd recommend using a JDBC driver which supports SSL. Some JDBC drivers support this feature, for example MySQL. Another approach is to tunnel the JDBC traffic over a SSH tunnel.
Protecting credentials at rest (in configuration files) is more difficult and depends on how you plan to invoke liquibase. If you're using ANT, I'd suggest using the answer to this question on how to read encrypted property files.
