The exact method depends on the environment, but in general, you store the credentials in a location which is only readable by the user that your application is running as. For example on Windows you would store the credentials in the registry in a location protected by an ACL so that only that user could read it. Optionally, you could use the DPAPI to encrypt the data so it was further protected. In Unix, you would store it in a file that was protected with chmod
(and optionally encrypted) so that only the app could read it.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…