| Author |
How to avoid hardcoded password and username in JDBC connection
|
Shakuntala Bhajantri
Greenhorn
Joined: Dec 23, 2010
Posts: 4
|
|
HI
i am new to java ,i am trying some example on JDBC but if i want to connect to database i need to mention username and password of my database so ,how to avoid hardcoded password and username in JDBC connection
|
 |
Jon Avadis
Ranch Hand
Joined: Jul 20, 2011
Posts: 49
|
|
|
You could read those values from a file, or you could prompt the user with a console or graphic user interface (GUI).
|
Knowledge Reigns Supreme
|
|
Vijay Tidake
Ranch Hand
Joined: Nov 04, 2008
Posts: 146
|
|
Hi,
If developing the web application ,write the in the web.xml as <context-param>
Thanks
|
The important thing is not to stop questioning.Curiosity has its own reason for existing.
|
|
Campbell Ritchie
Sheriff
Joined: Oct 13, 2005
Posts: 32611
|
|
Welcome to the Ranch 
Can you put them into your database with the password() function? That stores a hash, which you can't reconstruct the password from.
|
|
Rob Spoor
Sheriff
Joined: Oct 27, 2005
Posts: 19216
|
|
I think you misunderstood. Shakuntala is talking about the username / password to use to connect to the database in the first place.
They need to be stored in some external way; a resource file inside the JAR file, a configuration file (preferably using XML or java.util.Properties), the Windows registry (using a third party library or java.util.prefs.Preferences), etc.
|
SCJP 1.4 - SCJP 6 - SCWCD 5
How To Ask Questions How To Answer Questions
|
|
Ashish Bassi
Greenhorn
Joined: Aug 22, 2007
Posts: 11
|
|
|
Eventually in order to make it configurable, password must be in some properties/xml file. I suggest you can keep it in an encoded form in a properties file. You can decode the same in your Java code while making a DB connection
|
|
Campbell Ritchie
Sheriff
Joined: Oct 13, 2005
Posts: 32611
|
|
|
Yes, I had the wrong password. Sorry.
|
|
 |
|
|
subject: How to avoid hardcoded password and username in JDBC connection
|
|
|
0
