Hmm... I think you can do something wonky with wallet and OID here... what app server are you using? I think OracleAS supports wallet (and you can federate the wallet using OAM/OIM and an OID backstage) I don't know about JBoss or Tomcat... and I wish I didn't know OracleAS ;-) Oh, and no matter how secure a password is, if by some (un)happy chance someone gets a hold of the hash, it can be cracked... So I am all for periodically changing app passwords (though not automatically). Now, more to your question, if the configuration file needs to be *exactly* the same in all servers, then it's fairly easy to set up a NFS and have a symbolic link to the file (if the path is very specific). Alternatively it's possible to set up either a push job using scp(requires authorized_keys) or ftp or a pull job using rsync or some similar tool. It's also possible to set up svn/cvs/perforce and push the config file from there... oh, and how many is "a lot"? hth cheers Alan.- On Mon, Feb 21, 2011 at 5:29 AM, Niall Litchfield < niall.litchfield@xxxxxxxxx> wrote: > Sounds like a use case for o/s authentication to me - or maybe proxy > authentication. That said most apps I've come across use a non-changing > secure password for this purpose (except for those that use a non changing > insecure password :( ) > > > On Mon, Feb 21, 2011 at 5:33 AM, Eagle Fan <eagle.f@xxxxxxxxx> wrote: > >> Hi: >> >> We want to implement a db password change mechanism. We have a lot of >> application servers which have configuration file on local server. >> >> So if we change the password in configuration file, we need to push the >> new file to all of the application servers and it takes some time for the >> pushing. Some application servers can't login database using the old >> password during the pushing. >> >> The current workaround we can think of is to have two passwords in the >> configuration file, so the application server can try another one if the >> first one is failed. >> >> Do you have any better solution for this? Does oracle have any solution >> (ASO?) for this? >> >> Thank you in advance. >> >> -- >> Eagle Fan >> > > > > -- > Niall Litchfield > Oracle DBA > http://www.orawin.info >