openjpa-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Dick <michael.d.d...@gmail.com>
Subject Re: How to encrypt DB password in persistence.xml
Date Fri, 14 Aug 2009 03:27:14 GMT
Hi,
OpenJPA doesn't know (or care) how much of the password is encrypted - that
determination is up to the encryption provider (ie your code). So if the
encryption provider can figure out which parts of the string need to be
decrypted and which parts do not then you should be set.

I just reopened the issue to port it to version 1.3.0 so this feature will
be available in the next major (2.0.0) and minor (1.3.0) versions of
OpenJPA.

In the mean time you can grab a nightly build from the builds
page<http://openjpa.apache.org/downloads.html> (look
for 2.0.0-SNAPSHOT). I'll  try to get the fix ported to 1.3.0 this weekend
too.

-mike



On Thu, Aug 13, 2009 at 8:58 PM, wang yu <wangyumi@gmail.com> wrote:

> Mike,
> Thanks a lot!
> Since I used DBCP datasource as following:
>        <property name="openjpa.ConnectionProperties"
>
>  value="driverClassName=oracle.jdbc.driver.OracleDriver,
> url=jdbc:oracle:thin:@localhost:1521:orcl, username=XXX, password=XXX,
> maxActive=8, maxWait=10000, poolPreparedStatements=true" />
>
>
> May I  encrypt a sub string of property value rather than full
> property value string?
>
> Anyway, when will this feature be available? In a new release or a
> rolling patch?
>
> Regards,
> Yu Wang
>
>
> On Fri, Aug 7, 2009 at 9:33 PM, Michael Dick<michael.d.dick@gmail.com>
> wrote:
> > Hi Yu,
> >
> > At the moment our support allows you to specify an 'Encryption Provider'
> > which handles the encryption / decryption of a password. We aren't
> providing
> > a tool to do the actual encryption - just a plugin point for other tools.
> >
> > It sounds like you have written the encryption code in your extension for
> > DBCP so it should be fairly easy to wrap in an encryption provider.
> >
> > Hope this helps,
> > -mike
> >
> > On Fri, Aug 7, 2009 at 1:25 AM, wang yu <wangyumi@gmail.com> wrote:
> >
> >> Rick,
> >> Thank you for your information. I have resolved this issue by
> >> modifying dbcp source code.
> >> The bad part is dbcp can be built with jdk 1.4 only which made build
> >> system little bit complicated:-)
> >>
> >> If you can deliver encryption feature in next release, I'll be very
> >> pleased to use it.
> >>
> >> Regards,
> >> Yu Wang
> >>
> >>
> >> On Fri, Aug 7, 2009 at 5:22 AM, Rick Curtis<curtisr7@gmail.com> wrote:
> >> >
> >> > Yu Wang -
> >> >
> >> > OPENJPA-1089[1] wasn't your exact problem, but I want you to be aware
> >> that a
> >> > change was made.
> >> >
> >> > Thanks -
> >> > Rick
> >> >
> >> > [1] https://issues.apache.org/jira/browse/OPENJPA-1089
> >> > --
> >> > View this message in context:
> >>
> http://n2.nabble.com/How-to-encrypt-DB-password-in-persistence.xml-tp2868212p3400811.html
> >> > Sent from the OpenJPA Users mailing list archive at Nabble.com.
> >> >
> >>
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message