Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

making secure connection with database

 
Puspender Tanwar
Ranch Hand
Posts: 397
2
Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
K&B book for OCA/OCP7
page no. 855
it's a horrible idea to hard code a username and password int the getconnection() method. obviously, anyone reading the code would then know the username and password to the database. A more secure way to handle database credentials would be to separate the code that produces the credentials from the code that make the connection.

could someone please explain me practically how can i do this ?
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 35279
384
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Puspender,
The best way is to use a DataSource. If your application is being run on a server (Tomcat, WebSphere, etc), this lets the application know nothing about the password. If you can't do this setup on the server side, you can use a property file with an encrypted password.
 
Puspender Tanwar
Ranch Hand
Posts: 397
2
Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Jeanne Boyarsky wrote:Puspender,
The best way is to use a DataSource. If your application is being run on a server (Tomcat, WebSphere, etc), this lets the application know nothing about the password. If you can't do this setup on the server side, you can use a property file with an encrypted password.

thank you jeanne, but i have just started learning JDBC, don't know much about DataSource. Just know that it is better than DataManager.
how to use DataSource, just same like DataManager (replacing DataManager with DataSource ??
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 35279
384
Eclipse IDE Java VI Editor
 
Roel De Nijs
Sheriff
Posts: 10662
144
AngularJS Chrome Eclipse IDE Hibernate Java jQuery MySQL Database Spring Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Puspender Tanwar wrote:thank you jeanne, but i have just started learning JDBC, don't know much about DataSource. Just know that it is better than DataManager.

There's no such thing as a DataManager in JDK7. I assume you are probably refering to java.sql.DriverManager

Puspender Tanwar wrote:how to use DataSource, just same like DataManager (replacing DataManager with DataSource ??

If you are preparing for the OCPJP7 certification exam (as it seems from the quote in your first post) you don't need to know much about DataSource, just the basic stuff. If you check Oracle's Java Tutorial for the Java SE 7 Programmer II exam, you'll encounter the Connecting with DataSource Objects item in section 9 (Building Database Applicatons with JDBC).

Hope it helps!
Kind regards,
Roel
 
Puspender Tanwar
Ranch Hand
Posts: 397
2
Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Roel De Nijs wrote:There's no such thing as a DataManager in JDK7. I assume you are probably refering to java.sql.DriverManager Roel

sorry for mistyping . Thank you Roel

Roel wrote:If you are preparing for the OCPJP7 certification exam (as it seems from the quote in your first post) you don't need to know much about DataSource, just the basic stuff. If you check Oracle's Java Tutorial for the Java SE 7 Programmer II exam, you'll encounter the Connecting with DataSource Objects item in section 9 (Building Database Applicatons with JDBC).Roel

yes you guessed it right, i am preparing for OCP. Well Roel, you have smart catchy eyes
actually i am learning this for my personal knowledge. I tried it on oracle tutorial but found something tough, may be when i go through that again, i will understand
Roel, does this interface is mostly used in JEE only ?
 
Roel De Nijs
Sheriff
Posts: 10662
144
AngularJS Chrome Eclipse IDE Hibernate Java jQuery MySQL Database Spring Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Puspender Tanwar wrote:actually i am learning this for my personal knowledge. I tried it on oracle tutorial but found something tough, may be when i go through that again, i will understand
Roel, does this interface is mostly used in JEE only ?

Yes, in webapplications and JEE the DataSource interface is used extensively. You configure them in your application server (e.g. Tomcat). So you don't have username and password in your code and you can easily (out-of-the-box) use connections pools as well. It's definitely a common thing to do. The past 5-10 years I have only used DriverManager.getConnection for certification purposes only
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic