File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Websphere and the fly likes JDBC Connection Pool Password Encryption Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Websphere
Bookmark "JDBC Connection Pool Password Encryption" Watch "JDBC Connection Pool Password Encryption" New topic

JDBC Connection Pool Password Encryption

PJ Crump
Ranch Hand

Joined: Feb 06, 2002
Posts: 51
Using WAS 5.1.
The Connection Pooling works just great however I cannot continue to allow my DB ID/Password to be visible to the users of the WAS console (currently it is in the Custom Properties tab of the Connection Pool.
What do I need to do in order to eliminate this - Ideally I'd like to place the DB ID/PW into an encrypted file and decrypt it when the pool is created? Any Help??
Derek Stodghill

Joined: Feb 24, 2005
Posts: 3
Try this.

Open the server configuration file and select the security tab. Under the section "Jaas Authentication Entries" click the add button. Fill in the data for the alias (can be anything but I use DefaultNode/UserId), user id, and the password (note the description is optional). You can also do the previous part in the admin console somewhere but I can't remember where off the top of my head.

Go to the administrator console, expand the Resources node and select jdbc providers. Click the link to your data source from the appropriate scope. Select data sources from additional properties (at bottom) and then select your data source from the list.

Scroll down and change container-managed (or component-managed if necessary) authentication alias to DefaultNode/UserId (or whatever you specified the alias to be). Finally click Ok then save.

Your userid and password will be stored somewhere under the servers directory in security.xml. If you open it up you'll notice that the password has been encrypted.

Hope this helps,
I agree. Here's the link:
subject: JDBC Connection Pool Password Encryption
It's not a secret anymore!