This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes JBoss/WildFly and the fly likes Database username & pwd Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "Database username & pwd" Watch "Database username & pwd" New topic
Author

Database username & pwd

Meg Adal
Ranch Hand

Joined: Mar 12, 2002
Posts: 70
In Jboss at present we are keeping the Database username and pwd in db2-ds.xml file in plain text.
Since our database has some importatnt data, from security point we don't want keep the username and pwd in plain text.

Is there any way we can encrypt the same and have Jboss to decrypt and read it?

Thanks in advance.
M.
Jaikiran Pai
Marshal

Joined: Jul 20, 2005
Posts: 9947
    
160

Not sure about the username, but you can encrypt the password as mentioned at EncryptingDataSourcePasswords
[ March 08, 2007: Message edited by: Jaikiran Pai ]

[My Blog] [JavaRanch Journal]
Jan Cumps
Bartender

Joined: Dec 20, 2006
Posts: 2491
    
    8

Is it possible for you to restrict access to that file to:
- read-only for the OS user that runs JBoss,
- read-write for the system administrator
- no access for the rest of the world?

Regards, Jan


OCUP UML fundamental and ITIL foundation
youtube channel
Mark Spritzler
ranger
Sheriff

Joined: Feb 05, 2001
Posts: 17249
    
    6

Yes, but it has a couple of steps. You cannot put the encrypted text into the datasource, so you need to put it somewhere else.

So here are the steps.
http://wiki.jboss.org/wiki/Wiki.jsp?page=EncryptingDataSourcePasswords

Mark


Perfect World Programming, LLC - Two Laptop Bag - Tube Organizer
How to Ask Questions the Smart Way FAQ
Jan Cumps
Bartender

Joined: Dec 20, 2006
Posts: 2491
    
    8

encrypt the password as mentioned at EncryptingDataSourcePasswords

That's a nice one!

Regards, Jan
Mark Spritzler
ranger
Sheriff

Joined: Feb 05, 2001
Posts: 17249
    
    6

Wow, three posts all within the same time. Give or take a minute

Mark
Meg Adal
Ranch Hand

Joined: Mar 12, 2002
Posts: 70
Thank you all for the quick reply
M.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Database username & pwd
 
Similar Threads
Password encryption in tomcat 5.
Saving, getting byte[ ]
Form and Basic Authentication
J2ME Problem
question about getConnection(usr,pwd)