Subject: Re: Sql Map file
From: "Chris O'Connell"
To: user-java@ibatis.apache.org
Date: Tue, 21 Apr 2009 10:00:05 -0500
Message-ID: <535a60b10904210800wae20517ke56fef794e287910@mail.gmail.com>
In-Reply-To: <49EDDD11.6000407@acadiasoft.com>

I would suggest the appserver route. In at least the version of WebLogic that I am using, the password is saved to the file system, but it is encrypted in the config file. If that isn't possible, just encrypt the password yourself and put some decryption code in an extension of the datasource.

On Tue, Apr 21, 2009 at 9:49 AM, Alex Sherwin <alex.sherwin@acadiasoft.com> wrote:

> Not sure about doing it programmatically, but it's going to end up being
> cleartext (or close to it) somewhere...
>
> For example when you use a connection pool in an app server, the
> user/password ends up being plain text in your domain's configuration file...
> I believe most people focus on securing the deployment so that the files
> cannot be read by users without proper permissions
>
> Jhaver, Rishi wrote:
>
>> Hi
>> I'm new to Ibatis and was wondering if anyone's faced this issue before.
>> Couldn't find a solution on the website FAQs.
>> I have the following in my sqlmapconfig file.
>>
>>   <transactionManager type="JDBC" commitRequired="false">
>>     <dataSource type="SIMPLE">
>>       <property name="JDBC.Driver" value="oracle.jdbc.driver.OracleDriver"/>
>>       <property name="JDBC.ConnectionURL" value="jdbc:oracle:thin:@XXX1:9999:XXX1"/>
>>       <property name="JDBC.Username" value="XXX"/>
>>       <property name="JDBC.Password" value="XXX"/>
>>     </dataSource>
>>   </transactionManager>
>>
>> I don't want the user name and password to be exposed as clear text in a
>> config file.
>> Is there a way to hide this information, maybe by passing the information
>> programmatically or using another way.
>> My main concern is to not keep the user credentials in clear text in a
>> config file.
>> Thanks
>> Rishi...

--
Chris O'Connell
Application Developer
Gorilla
312.243.8777 x19
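
One way to do the "decryption code in an extension of the datasource" suggested above, as an added example that is not part of the original thread or of the iBATIS code base: a custom DataSourceFactory that decrypts JDBC.Password before handing the properties to iBATIS's SimpleDataSource. As the quoted reply notes, the secret still lives somewhere; here it moves to a key file that only the application's service account can read. Assumptions: iBATIS 2.x, where the dataSource type attribute may name a DataSourceFactory class; the class name DecryptingDataSourceFactory, the DB_KEY_FILE environment variable and the Base64(nonce || ciphertext) layout are hypothetical.

```java
import com.ibatis.common.jdbc.SimpleDataSource;
import com.ibatis.sqlmap.engine.datasource.DataSourceFactory;

import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.sql.DataSource;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

// Config usage (assumed): <dataSource type="DecryptingDataSourceFactory"> with the
// same JDBC.* properties as before, except that JDBC.Password now holds
// Base64(12-byte nonce || AES-GCM ciphertext and tag) instead of the clear password.
public class DecryptingDataSourceFactory implements DataSourceFactory {
    private static final int NONCE_LEN = 12;   // bytes, stored in front of the ciphertext
    private DataSource dataSource;

    @Override
    public void initialize(Map properties) {
        try {
            Map<Object, Object> props = new HashMap<Object, Object>(properties);
            String encoded = (String) props.get("JDBC.Password");
            String keyFile = System.getenv("DB_KEY_FILE");   // hypothetical variable name
            if (encoded == null || keyFile == null) {
                throw new IllegalStateException("JDBC.Password or DB_KEY_FILE is not set");
            }
            byte[] blob = Base64.getDecoder().decode(encoded);
            // Raw 16- or 32-byte AES key kept outside the deployed application files.
            byte[] key = Files.readAllBytes(Paths.get(keyFile));
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"),
                        new GCMParameterSpec(128, blob, 0, NONCE_LEN));
            // doFinal verifies the GCM tag, so a tampered or truncated value fails here.
            byte[] clear = cipher.doFinal(blob, NONCE_LEN, blob.length - NONCE_LEN);
            props.put("JDBC.Password", new String(clear, StandardCharsets.UTF_8));
            dataSource = new SimpleDataSource(props);
        } catch (Exception e) {
            // Report only the failure type; never echo property values into logs.
            throw new IllegalStateException(
                "Could not initialise data source: " + e.getClass().getSimpleName());
        }
    }

    @Override
    public DataSource getDataSource() {
        return dataSource;
    }
}
```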