openjpa-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wang yu <wangy...@gmail.com>
Subject Re: How to encrypt DB password in persistence.xml
Date Fri, 15 May 2009 07:33:15 GMT
Hi Kevin,
Thank you. You had real good solutions but unfortunately neither of
them is feasible for our project.
We use Apache dbcp datasource to leverage DB connection pool and
tomcat 5.5 as app server.
Following is a fragment of our persistence.xml:
			<property name="openjpa.ConnectionDriverName"
value="org.apache.commons.dbcp.BasicDataSource" />
						
			<property name="openjpa.ConnectionProperties"
				value="driverClassName=org.apache.derby.jdbc.ClientDriver,
url=jdbc:derby://localhost:1527/TSAM;create=true, username=app,
password=app, maxActive=30, maxWait=10000,
poolPreparedStatements=true" />

How to encrypt password under  this situation? Or should I adopt
alternative connection pool implementation to make password encryption
easier?

if no better solution, I guess I only have two choices
1. Give up apache dbcp.
2. Modify source code of apache dbcp.

Regards,
Yu Wang




On Thu, May 14, 2009 at 10:54 PM, Kevin Sutter <kwsutter@gmail.com> wrote:
> Hi,
> JPA does not define this functionality.  You could pass in the password via
> the application instead of hard-coding it in a persistence.xml.  Or, if you
> are in an app server environment, you should use a jndi lookup of a
> datasource.  This would be the most secure.
>
> Kevin
>
> On Tue, May 12, 2009 at 4:31 AM, wang yu <wangyumi@gmail.com> wrote:
>
>> As title.
>>
>> Regards,
>> Yu Wang
>>
>

Mime
View raw message