-->
These old forums are deprecated now and set to read-only. We are waiting for you on our new forums!
More modern, Discourse-based and with GitHub/Google/Twitter authentication built-in.

View unanswered posts | View active topics


Board index » Hibernate & Java Persistence » Hibernate Users

All times are UTC - 5 hours [ DST ]


Forum locked This topic is locked, you cannot edit posts or make further replies.  Page 1 of 1
  [ 4 posts ] 
  Previous topic | Next topic 
Author Message
kumaran
 Post subject: Encrypted DB Password
PostPosted: Mon Mar 31, 2008 12:32 pm 
Newbie

Joined: Mon Mar 31, 2008 12:18 pm
Posts: 2
Hi!

I am using Hibernate for the first time and I have a pretty basic question.

What are the options that are available to me in ensuring that Hibernate allows for encrypted storage of DB passwords in xml files?

I noticed that hibernate.connection.password accepts passwords in clear-text. Is there a different encrypted password parameter that could be set appropriately?

I am using a WebLogic server and an Oracle DB.

Any help would be greatly appreciated.

Thanks,
Kumaran
Top
 Profile  
 
JustinKoke
 Post subject:
PostPosted: Tue Apr 01, 2008 3:16 am 
Newbie

Joined: Sun Feb 13, 2005 11:48 pm
Posts: 4
Location: Sydney, Australia
The simple answer would be no, from what I know.

What you really want is an obfuscated password correct, not an encrypted one?

Most likely, or perhaps you 'should' be using c3p0 for your connection pooling, this is what the hibernate docs recommend.

Perhaps you could look at extending C3P0's configuration to take an 'obfuscated' password and 'de-crypt' before it is used to create a connection?

Seems like over-kill to me really. If a user owns your box (being able to see your files), you really are already in trouble!

Justin
Top
 Profile  
 
ferozz
 Post subject:
PostPosted: Tue Apr 01, 2008 3:58 am 
Regular
Regular

Joined: Mon Aug 06, 2007 10:49 am
Posts: 67
Location: Banska Bystrica, Slovakia
jasypt could be solution, i `ve never used it but looks like thing u need:

http://www.jasypt.org/encrypting-configuration.html
Top
 Profile  
 
amila733
 Post subject:
PostPosted: Tue Apr 01, 2008 6:57 am 
Senior
Senior

Joined: Thu May 17, 2007 2:31 am
Posts: 194
Location: Sri Lanka
Hi

you can set your databse password in your java class file. Don't store it in xml or property file.


Amila
(Don't forget to rate if helps)
Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  Page 1 of 1
  [ 4 posts ] 

Board index » Hibernate & Java Persistence » Hibernate Users

All times are UTC - 5 hours [ DST ]

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
© Copyright 2014, Red Hat Inc. All rights reserved. JBoss and Hibernate are registered trademarks and servicemarks of Red Hat, Inc.