I am using JPA(Hibernate) as ORM. My Persistance xml looks like
<persistence-unit name="JPATestPU" transaction-type="RESOURCE_LOCAL">
<property name = "hibernate.connection.driver_class" value = "oracle.jdbc.driver.OracleDriver"/>
<property name = "hibernate.connection.url" value = "jdbcracle:thin:@100.100.100.100:1521:ecprod"/>
<property name = "hibernate.connection.username" value = "abcd"/>
<property name = "hibernate.connection.password" value = "*******"/>
I do not want to display the password in this xml file. Is there any way to hide thi password value.
Thanks in advance.
If your hypothetical "bad people" have access to that file, they already have access to your machine, and you're already way more screwed than if they just had access to the DB.
Joined: Sep 27, 2010
Yes, correct I understand your point.
But the requirement is not display username, password in the XML .
I am thinking if
1) I could encrypt the password and place it in a properties file
2) use a datasource thru jndi
Can anyone suggest any standard way?