Hi there,
Originally posted by Raghunandan Mamidala:
Our application uses a FTP, SMTP, BO sever, we have a requirement to store all passwords in database encrypted and retrieve it from java. How do I achieve this? are there any tools already available for this ?
If you're looking for a basic solution, the std JDK provides basic encrypt and decrypt functionality based on a few basic algorithms, just Google "java encrypt passwords" to see lots of examples.
Storing the Password
--------------------
You can use a stand alone java 'user' administration utility to encrypt a password for a user and store that password as a
string in the database (std varchar field). A common gotcha here is the maximum length of an encrypted string after you encrypt it, make sure it fits in your database column!
Many database vendors also supply standalone tools or SQL functions for this (take plain text password and encrypt it).
Retrieving the password
-----------------------
When the 'user' then enters a plain text password for the relevant part of your system you 'simply compare' their password against the password in the database (see below).
You can do this in 2 ways, either:
* Encrypt the password coming in and compare that against the value in your database
OR
* Decrypt the password in the database and compare that against the value coming in.
Cheers,
Martijn