Hi, how to encrypt Database password in hibernate.cfg.xml.

I tried using http://www.jasypt.org/encrypting-configuration.html

but i am getting an error
and in the hibernate.cfg.xml file I wrote


I did not understood the registering of the driver. Where should I call and what is this i wrote before connecting my file




Can any one tell where and how to register ?? or is there any other ways to encrypt the password??

Hello,

Your registration code is correct, but you should set a password for your encryptor before calling "registerStringEncryptor", with something like:


If you don't, the encryptor will not be able to initialize correctly, which may be the reason you are receiving that exception (if this is so, please tell me so that I can change that exception message... seems confusing).

Regards,
Daniel.

Thanks Daniel.
I have tried but still giving error. Do I need to assign that registration code to the sessionFactory??.

I have tried in google. I did not getting any examples..

Have u tried this? Is there any other way to encrypt the password in hibernate.cfg.xml ??

Thanks in advance
Uday

Hello Uday,

What version of Jasypt are you using? I have re-tested this functionality (I am the Jasypt project leader) and it works for me...

Do you have more than one SessionFactory? Do you instantiate it somewhere else other than that "prepareConnection()" method you show?...

The only possibility I see for your receiving this error is that the error does not really raise in the "prepareConnection()" method you show, but in any other place in your code where you create a SessionFactory from than hibernate.cfg.xml without registering the "configurationHibernateEncryptor" first. Could that be?

Regards,
Daniel.

Hi Daniel,

Thank you. It worked

Code to register Jasypt for hibernate

Encrypting Hibernate Password



After adding strongEncryptor.setAlgorithm("PBEWithMD5AndDES"); it worked

And strongEncryptor.setPassword("UR-ENCRYPTION-PASSWORD");

This password is the password which we have given for encrypting.
command to encrypt the password


and hibernate file

You hard-code the key inside the application. If that's the case, then why bother encrypt/decrypt the password, might as well hard-code the password in the application !!!! ?

Not sure if Jasypt is useful in this aspect - keep password not in clear text.

Hi Danial,
Could please tell me where we should write this piece of code ?

StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
strongEncryptor.setAlgorithm("PBEWithMD5AndDES");
strongEncryptor.setPassword("devid");
HibernatePBEEncryptorRegistry registry = HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor("configurationHibernateEncryptor", strongEncryptor);

@niranjan_cet, did you get a response to your question regarding how and where should the piece of code reside. Moreover, IF I use hibernate.cfg.xml, hoiw do I provide an encrypted password to the configuration. I know these are newbie questions, but that is exactly what I am. Any help would be appreciated.

Hi,

I have created a simple standalone java file to test if I can encrypt DB password in hibernate.cfg.xml file using Jasypt.
If it works fine, I am planning to use the same in my java batch application. Following is my hibernate.cfg.xml file:
hibernate.cfg.xml:
******************
<hibernate-configuration>
<session-factory>
<property name="connection.provider_class">
org.jasypt.hibernate4.connectionprovider.EncryptedPasswordDriverManagerConnectionProvider
</property>
<property name="connection.encryptor_registered_name">configurationHibernateEncryptor</property>
<property name="connection.url">
the connection URL
</property>
<property name="hibernate.connection.driver_class">oracle.jdbc.driver.OracleDriver</property>
<property name="hibernate.connection.username">DB_USERNAME</property>
<property name="hibernate.connection.password">ENC(mU6zwQrTrGsCucU4u3GW28PLuzPjwm)</property>
<property name="dialect">org.hibernate.dialect.OracleDialect</property>
<mapping resource="Emp.hbm.xml"/>
</session-factory>
</hibernate-configuration>

Java Code:
***********
public class HibernateDemo {
private static SessionFactory factory;
public static void main(String[] args) {
StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
strongEncryptor.setAlgorithm("PBEWithMD5AndDES");
strongEncryptor.setPassword("root1");
HibernatePBEEncryptorRegistry registry = HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor("configurationHibernateEncryptor", strongEncryptor);
try{
factory = new Configuration().configure().buildSessionFactory();
factory = cf.buildSessionFactory();*/
}catch (Throwable ex) {
System.err.println("Failed to create sessionFactory object." + ex);
throw new ExceptionInInitializerError(ex);
}
HibernateDemo ME = new HibernateDemo();
ME.listEmployees();
}
public void listEmployees( ){
Session session = factory.openSession();
Transaction tx = null;
try{
tx = session.beginTransaction();
List employees = session.createQuery("FROM Emp).list();
for (Iterator iterator =
employees.iterator(); iterator.hasNext();){
Emp employee = (Emp) iterator.next();
System.out.print("First Name: " + employee.getFirstName() );
System.out.print(" Last Name: " + employee.getLastName());
}
}catch (HibernateException e) {
//if (tx!=null) tx.rollback();
e.printStackTrace();
}finally {
session.close();
}
}
}

When I execute the program I am getting following exception:
ERROR: ORA-01017: invalid username/password; logon denied

org.hibernate.QueryTimeoutException: Could not open connection
at org.hibernate.exception.internal.SQLStateConversionDelegate.convert(SQLStateConversionDelegate.java:151)
at org.hibernate.exception.internal.StandardSQLExceptionConverter.convert(StandardSQLExceptionConverter.java:49)
at org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:125)
at org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:110)
at org.hibernate.engine.jdbc.internal.LogicalConnectionImpl.obtainConnection(LogicalConnectionImpl.java:221)
at org.hibernate.engine.jdbc.internal.LogicalConnectionImpl.getConnection(LogicalConnectionImpl.java:157)
at org.hibernate.engine.transaction.internal.jdbc.JdbcTransaction.doBegin(JdbcTransaction.java:67)
at org.hibernate.engine.transaction.spi.AbstractTransactionImpl.begin(AbstractTransactionImpl.java:160)
at org.hibernate.internal.SessionImpl.beginTransaction(SessionImpl.java:1426)
at org.ets.HibernateDemo.listEmployees(HibernateDemo.java:74)
at org.ets.HibernateDemo.main(HibernateDemo.java:53)
Caused by: java.sql.SQLException: ORA-01017: invalid username/password; logon denied

at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:445)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:389)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:382)
at oracle.jdbc.driver.T4CTTIfun.processError(T4CTTIfun.java:600)
at oracle.jdbc.driver.T4CTTIoauthenticate.processError(T4CTTIoauthenticate.java:445)
at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:450)
at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:192)
-----------------------
---------------------

I am not able to figure out where exactly I have gone wrong. Any help on this is highly appriciated.

Hi guys,

Encryption of database password using Jasypt is pretty straightforward. For the newer versions of Hibernate (4.2.x, 4.3.x) the existing jasypt-hibernate4 library will not work, you can use the extension I have developed which is available from Maven Central.
Details on getting it and how to use it are available on the project page: https://github.com/hpadmanabhan/jasypt-hibernate4-ext

Please refer to the Integration Test source code available there to answer your questions on how to get this working.

What about Hibernate 5? I could not have a Jasypt implement for Hibernate 5. Will jasypt-hibernate4 work?