
Security question - Securing the config files (ex. .properties file) of your program?

 
Ranch Hand
Posts: 107
The .properties file in my Eclipse Java project contains the username and password to connect to a DB. I feel that this may be insecure. Someone can simply read these (text) files.
Is there a way to make it more secure? Or should I use some other way to store and load properties?
Is the .properties file used often in your company/team?

 
Sheriff
Posts: 3015
Generally speaking, you don't want the database password in the clear on the file system. An enterprise Java application, like an app server, would make some attempt to encrypt such a password. JBoss does this with its new "Vault". However, unless there's going to be some degree of interaction, the key for decrypting the password has to be stored somewhere, so really you're just making it harder, not impossible, for a hacker with access to your file system.
 
Sheriff
Posts: 11496
Funny you should ask. That's exactly what I'm doing right now for my work, using Jasypt: http://jasypt.org
 
justin smythhe
Ranch Hand
Posts: 107
Junilu Lacar wrote: Funny you should ask. That's exactly what I'm doing right now for my work, using Jasypt: http://jasypt.org


Right now, I am not able to even visualize a solution to this problem. How would we design a (simple) software or a system to address this issue?
 
Bartender
Posts: 10575
justin smythhe wrote: Right now, I am not able to even visualize a solution to this problem. How would we design a (simple) software or a system to address this issue?

Well, there's an example on the very page that Junilu linked you to. I have to admit to not having used Jasypt, but the example looks pretty straightforward.

Winston
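
One way to picture the design asked about in this thread, as an added example that is not part of any post here and does not use Jasypt's API: the .properties value is stored encrypted and the decryption key is supplied from outside the file. It uses only the JDK (PBKDF2 and AES-GCM). Assumptions: the ENC(...) wrapper and byte layout, the CONFIG_KEY environment variable name, the iteration count, and all sample values are constructed for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.*;
import java.io.StringReader;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.*;

public class EncryptedProps {
    // Derive an AES-256 key from the master password with PBKDF2 (iteration count is an assumption).
    static SecretKeySpec key(char[] master, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(master, salt, 210_000, 256);
        SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
        return new SecretKeySpec(f.generateSecret(spec).getEncoded(), "AES");
    }
    // Layout: ENC(base64(salt[16] || iv[12] || ciphertext+tag)); fresh salt and IV per value.
    static String encrypt(String plain, char[] master) throws Exception {
        byte[] salt = new byte[16], iv = new byte[12];
        SecureRandom rnd = new SecureRandom();
        rnd.nextBytes(salt);
        rnd.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key(master, salt), new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(plain.getBytes(StandardCharsets.UTF_8));
        byte[] out = ByteBuffer.allocate(28 + ct.length).put(salt).put(iv).put(ct).array();
        return "ENC(" + Base64.getEncoder().encodeToString(out) + ")";
    }
    // Plain values pass through; a wrong key or a tampered value fails the GCM tag check and throws.
    static String resolve(String value, char[] master) throws Exception {
        if (value == null || !value.startsWith("ENC(") || !value.endsWith(")")) return value;
        byte[] in = Base64.getDecoder().decode(value.substring(4, value.length() - 1));
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key(master, Arrays.copyOfRange(in, 0, 16)),
               new GCMParameterSpec(128, in, 16, 12));
        return new String(c.doFinal(in, 28, in.length - 28), StandardCharsets.UTF_8);
    }
    public static void main(String[] args) throws Exception {
        // Assumption: the master password comes from a hypothetical CONFIG_KEY environment variable.
        String env = System.getenv("CONFIG_KEY");
        // Constructed fallback so the demo runs offline; a real deployment would fail closed instead.
        char[] master = (env != null ? env : "constructed-demo-key").toCharArray();
        // Constructed sample file content; only the password value is encrypted.
        String file = "db.user=app\ndb.password=" + encrypt("s3cret-sample", master) + "\n";
        Properties p = new Properties();
        p.load(new StringReader(file));
        System.out.println(file + "resolved: " + resolve(p.getProperty("db.password"), master));
    }
}
```

The master password still has to reach the process from somewhere, which is the limit described earlier in the thread: this keeps the secret out of the file and out of source control, but anyone who can read both the file and the key source can decrypt the value.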
 