Perforce Public Knowledge Base - Hiding Password and Ticket Data in the P4toDB Database
Reset Search
 

 

Article

Hiding Password and Ticket Data in the P4toDB Database

« Go Back

Information

 
Problem

Using P4toDB to replicate the Perforce USER database table (db.user) will also replicate the encoded user passwords and tickets.   Exposing those ticket values may allow someone to impersonate a user.

Note: You cannot exclude specific columns from the replication from Perforce.

Solution

Starting with p4todb release 2011.1.398942, you can edit your config file and set

MASK_PASSWORDS = true

All passwords will now be "00000000000000000000000000000000".


Ticket hiding with Database Trigger

The ticket is maintained in a separate column. To hide the ticket value, create a database trigger that nulls out the ticket column on any update or insert of the USER table.

Related Links

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255