aspose file tools *
The moose likes JDBC and the fly likes (urgent) Any alternative of hardcoded password in JDBC URL Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Databases » JDBC
Bookmark "(urgent) Any alternative of hardcoded password in JDBC URL" Watch "(urgent) Any alternative of hardcoded password in JDBC URL" New topic
Author

(urgent) Any alternative of hardcoded password in JDBC URL

Darshan Bhavsar
Greenhorn

Joined: Dec 06, 2001
Posts: 26
con=DriverManager.getConnection("jdbc:oracle:thin:@172.16.37.1:1520:A","it","it")
In the above text ,we can see the password
can i not hide this password.
Any help is appreceated .
Thanks in advanc
Urgent
[ Edited by Dave to fix the ]
[ February 01, 2002: Message edited by: David O'Meara ]
Jeff Price
Greenhorn

Joined: Jan 31, 2002
Posts: 2
Are you worried about the password being read from your source code, as it flies across the network, or what?
I read my password out of an INI file, where it is encrypted (weakly, but keeps people from reading it easily).
It could still be read off the wire, but no simple way to solve that. Keeps it out of the source code, too.
Les Dsouza
Greenhorn

Joined: Jan 29, 2002
Posts: 27
If you want to avoid hardcoding the url in your class then it is better to read the password etc from a property file. This way you only need to change the property file if the password changes.
However the property file itself is a plain text file, so you should make sure that the server itself is not accessible everyone!!
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

"Les D",
The Java Ranch has thousands of visitors every week, many with surprisingly similar names. To avoid confusion we have a naming convention, described at http://www.javaranch.com/name.jsp .
We require names to have at least two words, separated by a space, and strongly recommend that you use your full real name. Please re-register and select a new name which meets the requirements.
Thanks.
Dave
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: (urgent) Any alternative of hardcoded password in JDBC URL