Hi,
I am using Hibernate with Spring for a web based application running on Tomcat5.
I have a table called CreditCard which stores credit card information. CCTransactionDAO class uses hibernate to access a MySQL database.

A ccTransactionManager interface is used to call the CCTransactioDAO to get and save rown in the table.
All configuration is performed using spring's applicationContext.xml
Show below is the ccTransactionManager bean creation in the applicationContext.xml

What I am trying to do is this: When a method called getCreditCard(customerId) is invoked on the manager, before returning the CreditCard object, I need to decrypt it. So I call a decrypt(CreditCard) method within the getCreditCard(customerId) method. The decrypt(CreditCard) method is a private method in the manager. code shown below.
But when I call the decrypt method, the decrypted values are written to the database (to the row corresponding to the CreditCard object returned by the getCreditCard method. I am guessing this is because the session is still active under the transaction created for the manager.
I would like to decrypt the card info without writing the decrypted value to the db.

I hope this is not too confusing, and any help will be greatly appreciated.

thanks,
-Riz.
-------------------------------------------------------------------------------------
<bean id="ccTransactionManager"
class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
<property name="transactionManager">
<ref local="transactionManager"/>
</property>
<property name="target">
<ref local="ccTransactionManagerTarget"/>
</property>
<property name="transactionAttributes">
<props>
<prop key="*">PROPAGATION_REQUIRED</prop>
</props>
</property>
</bean>

<bean id="ccTransactionManagerTarget"
class="com.cwsi.eshipper.service.impl.CCTransactionManagerImpl">
<property name="CCTransactionDAO">
<ref local="ccTransactionDAO"/>
</property>
</bean>

-------------------------------------------------------------------------------------

methods in ccTransactionManager

public CreditCard getCreditCardByCustomerId(long customerId){

CreditCard cc = dao.getCreditCardByCustomerId(customerId);
if(cc==null)
return null;
//decrypt the card info first
decryptCCData(cc);

return cc;
}

private void decryptCCData(CreditCard cc){
try{
String decrypted_ccNum = CryptoFactory.getCrypto().decryptFromBase64Encoded(cc.getCcNumber());
String decrypted_ccExpMonth = CryptoFactory.getCrypto().decryptFromBase64Encoded(cc.getCcExpiryMonth());
String decrypted_ccExpYear = CryptoFactory.getCrypto().decryptFromBase64Encoded(cc.getCcExpiryYear());
cc.setCcNumber(decrypted_ccNum);
cc.setCcExpiryMonth(decrypted_ccExpMonth);
cc.setCcExpiryYear(decrypted_ccExpYear);
}
catch(Exception e){
logger.debug("Unable to decrypt credit card information!");
e.printStackTrace();
throw new CryptoException(e.getMessage());
}

You could evict the credit card from the Hibernate session in the DAO (session.evict(cc)), or you could clone the cc in the manager, decrypt the clone and return that cc.