Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

encrypting password in hibernate config file?

 
Franck McGeough
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Another beginner question. Is there a standard way for Hibernate apps to secure the database password? I'm not allowed to simply store the password in plain text in the hibernate.cfg.xml file and if there is a generally accepted practice for how to do this then I'd prefer to use it rather than invent my own.
 
Mark Spritzler
ranger
Sheriff
Posts: 17278
6
IntelliJ IDE Mac Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, first, move the jdbc "loggin" stuff out of your hibernate config file and create a DataSource on your app or web server. But the config for the datasource will have that information, but it is pretty well secure. Someone can't just connect to your server and get that file, unless they already have the permission you need to actually know the password anyway.

Mark
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic