• Post Reply Bookmark Topic Watch Topic
  • New Topic

encrypting password in hibernate config file?  RSS feed

 
Franck McGeough
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Another beginner question. Is there a standard way for Hibernate apps to secure the database password? I'm not allowed to simply store the password in plain text in the hibernate.cfg.xml file and if there is a generally accepted practice for how to do this then I'd prefer to use it rather than invent my own.
 
Mark Spritzler
ranger
Sheriff
Posts: 17309
11
IntelliJ IDE Mac Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, first, move the jdbc "loggin" stuff out of your hibernate config file and create a DataSource on your app or web server. But the config for the datasource will have that information, but it is pretty well secure. Someone can't just connect to your server and get that file, unless they already have the permission you need to actually know the password anyway.

Mark
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!