ibatis-user-java mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brandon Goodin <brandon.goo...@gmail.com>
Subject Re: Sql Map file
Date Tue, 21 Apr 2009 14:50:43 GMT
You could use JNDI, or can extends the simple datasource and add your own
hashing. I'm not sure why you are that concerned about the password being in
there. If someone gets access to your WEB-INF folder and you don't want them
in there... you have bigger issues my friend. :)


On Tue, Apr 21, 2009 at 9:42 AM, Jhaver, Rishi <RJhaver@wheels.com> wrote:

>  Hi
> I'm new to Ibatis and was wondering if anyone's faced this issue before.
> Couldn't find a solution on the website FAQs.
> I have the following in my sqlmapconfig file.
>   <transactionManager type="JDBC" commitRequired="false">
>     <dataSource type="SIMPLE">
>       <property name="JDBC.Driver"
> value="oracle.jdbc.driver.OracleDriver"/>
>       <property name="JDBC.ConnectionURL" value="jdbc:oracle:thin:@XXX1:
> 9999:XXX1"/>
>       <property name="JDBC.Username" value="XXX"/>
>       <property name="JDBC.Password" value="XXX"/>
>     </dataSource>
>   </transactionManager>
>  I dont want the user name and password to be exposed as clear text in a
> config file.
> Is there a way to hide this information, maybe by passing the information
> programmatically or using another way.
> My main concern is to not keep the user credentials in clear text in a
> config file.
> Thanks
> Rishi...

View raw message