Dear friends,

I am using Hibernate 3. From following topic, i understood, how to set the encrypted password in the Hibernate config file.

But, it is not working for me.

<hibernate-configuration>
<session-factory>

<property name="hibernate.connection.provider_class">org.jasypt.hibernate.connectionprovider.EncryptedPasswordDriverManagerConnectionProvider</property>
<property name="hibernate.connection.encryptor_registered_name">configurationHibernateEncryptor</property>
<property name="myeclipse.connection.profile">MySQLDriver</property>
<property name="dialect">org.hibernate.dialect.MySQLDialect</property>

<property name="connection.url">jdbc:mysql://pc1027:3306/licencedb</property>
<property name="connection.username">root</property>
<property name="hibernate.connection.password">KKVX9YcgPs1w/Odh3jrLbg==</property> <property name="connection.driver_class">com.mysql.jdbc.Driver</property>

<property name="hibernate.c3p0.acquire_increment">3</property>
<!-- idle_test_period & Timeout for MySQL Should be less than 28800 (8Hours) -->
<property name="hibernate.c3p0.idle_test_period">14400</property>
<property name="hibernate.c3p0.timeout">14400</property>
<property name="hibernate.c3p0.max_size">10</property>
<property name="hibernate.c3p0.min_size">3</property>
<property name="hibernate.c3p0.preferredTestQuery">select 1;</property>

<mapping resource="com/ocs/lms/dbaccess/dbmapping.xml" />
</session-factory>
</hibernate-configuration>


I have generated the encrypted password ("KKVX9YcgPs1w/Odh3jrLbg==") using command line tool and the command is
encrypt.bat input="MyDBPwd" password=EncryptionPassword algorithm=PBEWithMD5AndDES

I have a static class to give the session to DBServices class. Before configure, i have added the following linces

StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
strongEncryptor.setAlgorithm("PBEWithMD5AndDES");
strongEncryptor.setPassword("EncryptionPassword");
HibernatePBEEncryptorRegistry registry = HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor("configurationHibernateEncryptor", strongEncryptor);

configuration.configure(DBConstants.HIBERNATE_CONFIG_FILE_LOCATION + DBConstants.HIBERNATE_CONFIG_FILE);
sessionFactory = configuration.buildSessionFactory();

* [sessionFactory, configuration are static values]

But, DB connection failed with following Exception :

org.hibernate.exception.GenericJDBCException: Cannot open connection
at org.hibernate.exception.SQLStateConverter.handledNonSpecificException(SQLStateConverter.java:103)
at org.hibernate.exception.SQLStateConverter.convert(SQLStateConverter.java:91)
at org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:43)
at org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:29)
at org.hibernate.jdbc.ConnectionManager.openConnection(ConnectionManager.java:426)
at org.hibernate.jdbc.ConnectionManager.getConnection(ConnectionManager.java:144)
at org.hibernate.jdbc.JDBCContext.connection(JDBCContext.java:119)
at org.hibernate.transaction.JDBCTransaction.begin(JDBCTransaction.java:57)
at org.hibernate.impl.SessionImpl.beginTransaction(SessionImpl.java:1326)
Caused by: java.sql.SQLException: Invalid authorization specification message from server: "Access denied for user 'root'@'pc1027.internal.ocs-consulting.com' (using password: YES)"
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:1997)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:1906)
at com.mysql.jdbc.MysqlIO.secureAuth411(MysqlIO.java:2520)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:817)
at com.mysql.jdbc.Connection.createNewIO(Connection.java:1786)
at com.mysql.jdbc.Connection.<init>(Connection.java:450)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:411)
at java.sql.DriverManager.getConnection(Unknown Source)
at java.sql.DriverManager.getConnection(Unknown Source)
at org.hibernate.connection.DriverManagerConnectionProvider.getConnection(DriverManagerConnectionProvider.java:110)
at org.hibernate.jdbc.ConnectionManager.openConnection(ConnectionManager.java:423)

But, when i remove the encrypted password and give right password in the hibernate config file, it works fine.
Please help me to find, which step, i am missing.

I found this information from the following topic.

http://forum.hibernate.org/viewtopic.php?p=2391734

Please help me out.

Please help me out friends,

- SANSSAN

If you know how to decrypt your encrypted password, try this way:
a. get rid of the following properties in your hibernate.cfg.xml file:
<property name="hibernate.connection.provider_class">org.jasypt.hibernate.connectionprovider.EncryptedPasswordDriverManagerConnectionProvider</property>
<property name="hibernate.connection.encryptor_registered_name">configurationHibernateEncryptor</property>
b. put your encrypted password into "hibernate.connection.password" property; For the encrypted password, you should know how to decrypt it;
c. in your code, get the encrypted password property from your Configuration, then decrypt it . Finally put the decrypted password back; see the below code:
....
Configuration configuration = new Configuration().configure();
String encryptedPwd = configuration.getProperty("hibernate.connection.password");
String plainPwd = YourEncryptor.Decrypt(encryptedPwd);
configuration.setProperty("hibernate.connection.password", plainPwd);
sessionFactory = configuration.buildSessionFactory();
...

Cheers

Thanks runpara.
It seems settings in .cfg.xml file is not working for me. I used my own encryptor/decryptor by following your idea and it works like a gem.

if anyone finds the solution with the hibernate.cfg.xml file, please let us know in this thread.

Much appreciated.
Thanks.

Actually it works fine with the hibernate.cfg.xml file configuration as well. In case any one needs it:

1. Generate the encrypted password using the command:
encrypt.bat input="Ql5fasfdasfsdaeeAA" password=MYPAS_WORD

2. Added the properties in hibernate.cfg.xml file with C3P0 connection pooling provider.
<property name="hibernate.connection.provider_class">org.jasypt.hibernate.connectionprovider.EncryptedPasswordC3P0ConnectionProvider</property>
<property name="hibernate.connection.encryptor_registered_name">configurationHibernateEncryptor</property>
<property name="hibernate.connection.password">ENC(urrkt5RYb3V9NgUmzDQFKEpRx0DPOAih)</property>

3. Add the below lines of code before getting the Session Factory instance:
/**
* -----------------------------------------------
* This is generated with .bat file in Windows machine,
*
* COMMAND> encrypt.bat input="Ql5LIhyeeAPDA" password=MYPAS_WORD
* password argument should be set in setPassword() method of the strongEncryptor object.
* It should match otherwise it won't work.
* ---------------------------------------------------
*/
StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
HibernatePBEEncryptorRegistry registry = HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor("configurationHibernateEncryptor", strongEncryptor);
strongEncryptor.setPassword("MYPAS_WORD");
sessionFactory = new AnnotationConfiguration().configure().buildSessionFactory();

Those are the only 3 steps you need to make encryption/decryption of the passwords for Hibernate.

I hope this helps.

Thanks,
Suresh

I am still getting this error

Hi,

I have created a simple standalone java file to test if I can encrypt DB password in hibernate.cfg.xml file using Jasypt.
If it works fine, I am planning to use the same in my java batch application. Following is my hibernate.cfg.xml file:
hibernate.cfg.xml:
******************
<hibernate-configuration>
<session-factory>
<property name="connection.provider_class">
org.jasypt.hibernate4.connectionprovider.EncryptedPasswordDriverManagerConnectionProvider
</property>
<property name="connection.encryptor_registered_name">configurationHibernateEncryptor</property>
<property name="connection.url">
the connection URL
</property>
<property name="hibernate.connection.driver_class">oracle.jdbc.driver.OracleDriver</property>
<property name="hibernate.connection.username">DB_USERNAME</property>
<property name="hibernate.connection.password">ENC(mU6zwQrTrGsCucU4u3GW28PLuzPjwm)</property>
<property name="dialect">org.hibernate.dialect.OracleDialect</property>
<mapping resource="Emp.hbm.xml"/>
</session-factory>
</hibernate-configuration>

Java Code:
***********
public class HibernateDemo {
private static SessionFactory factory;
public static void main(String[] args) {
StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
strongEncryptor.setAlgorithm("PBEWithMD5AndDES");
strongEncryptor.setPassword("root1");
HibernatePBEEncryptorRegistry registry = HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor("configurationHibernateEncryptor", strongEncryptor);
try{
factory = new Configuration().configure().buildSessionFactory();
factory = cf.buildSessionFactory();*/
}catch (Throwable ex) {
System.err.println("Failed to create sessionFactory object." + ex);
throw new ExceptionInInitializerError(ex);
}
HibernateDemo ME = new HibernateDemo();
ME.listEmployees();
}
public void listEmployees( ){
Session session = factory.openSession();
Transaction tx = null;
try{
tx = session.beginTransaction();
List employees = session.createQuery("FROM Emp).list();
for (Iterator iterator =
employees.iterator(); iterator.hasNext();){
Emp employee = (Emp) iterator.next();
System.out.print("First Name: " + employee.getFirstName() );
System.out.print(" Last Name: " + employee.getLastName());
}
}catch (HibernateException e) {
//if (tx!=null) tx.rollback();
e.printStackTrace();
}finally {
session.close();
}
}
}

When I execute the program I am getting following exception:
ERROR: ORA-01017: invalid username/password; logon denied

org.hibernate.QueryTimeoutException: Could not open connection
at org.hibernate.exception.internal.SQLStateConversionDelegate.convert(SQLStateConversionDelegate.java:151)
at org.hibernate.exception.internal.StandardSQLExceptionConverter.convert(StandardSQLExceptionConverter.java:49)
at org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:125)
at org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:110)
at org.hibernate.engine.jdbc.internal.LogicalConnectionImpl.obtainConnection(LogicalConnectionImpl.java:221)
at org.hibernate.engine.jdbc.internal.LogicalConnectionImpl.getConnection(LogicalConnectionImpl.java:157)
at org.hibernate.engine.transaction.internal.jdbc.JdbcTransaction.doBegin(JdbcTransaction.java:67)
at org.hibernate.engine.transaction.spi.AbstractTransactionImpl.begin(AbstractTransactionImpl.java:160)
at org.hibernate.internal.SessionImpl.beginTransaction(SessionImpl.java:1426)
at org.ets.HibernateDemo.listEmployees(HibernateDemo.java:74)
at org.ets.HibernateDemo.main(HibernateDemo.java:53)
Caused by: java.sql.SQLException: ORA-01017: invalid username/password; logon denied

at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:445)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:389)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:382)
at oracle.jdbc.driver.T4CTTIfun.processError(T4CTTIfun.java:600)
at oracle.jdbc.driver.T4CTTIoauthenticate.processError(T4CTTIoauthenticate.java:445)
at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:450)
at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:192)
-----------------------
---------------------

I am not able to figure out where exactly I have gone wrong. Any help on this is highly appriciated.