ibatis-user-java mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Larry Meadors <larry.mead...@gmail.com>
Subject Re: Password Encryption
Date Fri, 16 Oct 2009 14:21:37 GMT
:)

...and if I can get to one of those files I can get to the other and
still own your password in a matter of minutes.

Larry



On 10/15/09, Ejaz X Mohammed <ejaz.mohammed@jpmorgan.com> wrote:
> Works!
>
> I just override the initialize method ...
>
>     public void initialize(Map map) {
>         EventConfig ec = EventConfig.getInstance();
>
>         String pass =
> PasswordUtility.getInstance().getDecodedPassword(ec.getJdbcPassword());
>         pass = pass.trim();
>
>         map.put("JDBC.Password", pass);
>         logger.debug("Inside initialize -- ");
>         super.initialize(map);
>     }
>
>
> From: Rick.Wellman [mailto:Rick.Wellman@kiewit.com]
> Sent: Thursday, October 15, 2009 1:59 PM
> To: user-java@ibatis.apache.org
> Subject: RE: Password Encryption
>
> I needed to use the following technique to solve a similar challenge
> recently and, though seemingly obvious, I found no references on the web.  I
> cannot give it a full stamp of approval but it is working for us so far:
>
> 1)      Extend the iBatis class SimpleDataSourceFactory:
> public class YourClass extends SimpleDataSourceFactory { ... }
>
> 2)      Find a way to override access to the property JDBC.Password [sorry
> that I cannot take the time to do this for you but if memory serves, you
> should be able to do this]
>
> 3)      Modify your configuration as follows [note that JDBC.Password is
> missing because it will presumably be retrieved at runtime]:
>
>     <transactionManager type="JDBC" >
>         <dataSource type="your.package.YourClass">
>             <property name="JDBC.Driver" value="${jdbc.driver}"/>
>             <property name="JDBC.ConnectionURL" value="${jdbc.url}"/>
>             <property name="JDBC.Username" value="${jdbc.user}"/>
>             <property name="JDBC.DefaultAutoCommit" value="true"/>
>         </dataSource>
>     </transactionManager>
>
>
> From: Ejaz X Mohammed [mailto:ejaz.mohammed@jpmorgan.com]
> Sent: Thursday, October 15, 2009 1:33 PM
> To: user-java@ibatis.apache.org
> Subject: RE: Password Encryption
>
> I'm using SIMPLE transactionmanager
>
>     <transactionManager type="JDBC" >
>         <dataSource type="SIMPLE">
>             <property name="JDBC.Driver" value="${jdbc.driver}"/>
>             <property name="JDBC.ConnectionURL" value="${jdbc.url}"/>
>             <property name="JDBC.Username" value="${jdbc.user}"/>
>             <property name="JDBC.Password" value="${jdbc.password}"/>
>             <property name="JDBC.DefaultAutoCommit" value="true"/>
>         </dataSource>
>     </transactionManager>
>
>
> From: Rick.Wellman [mailto:Rick.Wellman@kiewit.com]
> Sent: Thursday, October 15, 2009 12:51 PM
> To: user-java@ibatis.apache.org
> Subject: RE: Password Encryption
>
> Depending on the DataSource you are using, you might be able extend that
> class to override a particular property/method call.  Can you describe your
> iBatis configuration? (i.e. sqlMap.xml, are you using Spring, what
> datasource are you using)
>
> From: Ejaz X Mohammed [mailto:ejaz.mohammed@jpmorgan.com]
> Sent: Thursday, October 15, 2009 12:41 PM
> To: user-java@ibatis.apache.org
> Subject: Password Encryption
>
> Hello,
>
> I have encrypted password in properties file.
>
> To decrypt I have to call a function.
>
> How can I make ibatis call this function to get decrypted password before
> making jdbc connection?
>
> Thanks
> Ejaz
>
> This email is confidential and subject to important disclaimers and
> conditions including on offers for the purchase or sale of securities,
> accuracy and completeness of information, viruses, confidentiality, legal
> privilege, and legal entity disclaimers, available at
> http://www.jpmorgan.com/pages/disclosures/email.
>
> This email is confidential and subject to important disclaimers and
> conditions including on offers for the purchase or sale of securities,
> accuracy and completeness of information, viruses, confidentiality, legal
> privilege, and legal entity disclaimers, available at
> http://www.jpmorgan.com/pages/disclosures/email.
>
>
> This email is confidential and subject to important disclaimers and
> conditions including on offers for the purchase or sale of
> securities, accuracy and completeness of information, viruses,
> confidentiality, legal privilege, and legal entity disclaimers,
> available at http://www.jpmorgan.com/pages/disclosures/email.

-- 
Sent from my mobile device

---------------------------------------------------------------------
To unsubscribe, e-mail: user-java-unsubscribe@ibatis.apache.org
For additional commands, e-mail: user-java-help@ibatis.apache.org


Mime
View raw message