• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Tim Cooke
  • Jeanne Boyarsky
  • Liutauras Vilda
Sheriffs:
  • Frank Carver
  • Henry Wong
  • Ron McLeod
Saloon Keepers:
  • Tim Moores
  • Frits Walraven
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Piet Souris
  • Himai Minh

making secure connection with database

 
Ranch Hand
Posts: 658
2
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

K&B book for OCA/OCP7
page no. 855
it's a horrible idea to hard code a username and password int the getconnection() method. obviously, anyone reading the code would then know the username and password to the database. A more secure way to handle database credentials would be to separate the code that produces the credentials from the code that make the connection.


could someone please explain me practically how can i do this ?
 
author & internet detective
Posts: 41250
849
Eclipse IDE VI Editor Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Puspender,
The best way is to use a DataSource. If your application is being run on a server (Tomcat, WebSphere, etc), this lets the application know nothing about the password. If you can't do this setup on the server side, you can use a property file with an encrypted password.
 
Puspender Tanwar
Ranch Hand
Posts: 658
2
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Jeanne Boyarsky wrote:Puspender,
The best way is to use a DataSource. If your application is being run on a server (Tomcat, WebSphere, etc), this lets the application know nothing about the password. If you can't do this setup on the server side, you can use a property file with an encrypted password.


thank you jeanne, but i have just started learning JDBC, don't know much about DataSource. Just know that it is better than DataManager.
how to use DataSource, just same like DataManager (replacing DataManager with DataSource ??
 
Jeanne Boyarsky
author & internet detective
Posts: 41250
849
Eclipse IDE VI Editor Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can start learning about a DataSource with the DataSource trail at Oracle's tutorials
 
Sheriff
Posts: 11604
178
Hibernate jQuery Eclipse IDE Spring MySQL Database AngularJS Tomcat Server Chrome Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Puspender Tanwar wrote:thank you jeanne, but i have just started learning JDBC, don't know much about DataSource. Just know that it is better than DataManager.


There's no such thing as a DataManager in JDK7. I assume you are probably refering to java.sql.DriverManager

Puspender Tanwar wrote:how to use DataSource, just same like DataManager (replacing DataManager with DataSource ??


If you are preparing for the OCPJP7 certification exam (as it seems from the quote in your first post) you don't need to know much about DataSource, just the basic stuff. If you check Oracle's Java Tutorial for the Java SE 7 Programmer II exam, you'll encounter the Connecting with DataSource Objects item in section 9 (Building Database Applicatons with JDBC).

Hope it helps!
Kind regards,
Roel
 
Puspender Tanwar
Ranch Hand
Posts: 658
2
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Roel De Nijs wrote:There's no such thing as a DataManager in JDK7. I assume you are probably refering to java.sql.DriverManager Roel


sorry for mistyping . Thank you Roel

Roel wrote:If you are preparing for the OCPJP7 certification exam (as it seems from the quote in your first post) you don't need to know much about DataSource, just the basic stuff. If you check Oracle's Java Tutorial for the Java SE 7 Programmer II exam, you'll encounter the Connecting with DataSource Objects item in section 9 (Building Database Applicatons with JDBC).Roel


yes you guessed it right, i am preparing for OCP. Well Roel, you have smart catchy eyes
actually i am learning this for my personal knowledge. I tried it on oracle tutorial but found something tough, may be when i go through that again, i will understand
Roel, does this interface is mostly used in JEE only ?
 
Roel De Nijs
Sheriff
Posts: 11604
178
Hibernate jQuery Eclipse IDE Spring MySQL Database AngularJS Tomcat Server Chrome Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Puspender Tanwar wrote:actually i am learning this for my personal knowledge. I tried it on oracle tutorial but found something tough, may be when i go through that again, i will understand
Roel, does this interface is mostly used in JEE only ?


Yes, in webapplications and JEE the DataSource interface is used extensively. You configure them in your application server (e.g. Tomcat). So you don't have username and password in your code and you can easily (out-of-the-box) use connections pools as well. It's definitely a common thing to do. The past 5-10 years I have only used DriverManager.getConnection for certification purposes only
 
I'm doing laundry! Look how clean this tiny ad is:
the value of filler advertising in 2021
https://coderanch.com/t/730886/filler-advertising
reply
    Bookmark Topic Watch Topic
  • New Topic