Clever Geek Handbook

How to encrypt database password before sending to server using Spring MVC data source context?

I have a Spring MVC application that connects to a Sybase 15.5 server. Now the database server has been upgraded to Sybase 15.7 and they have set Password Encryption ON on the server. This means that the client must encrypt the database password before sending it to the database server. I have a password in my properties file.

The question is, how can I encrypt the password in the Spring context file before sending it to the database server?

Current Spring Context File:

<!-- ========================== Data Source [Start] ================================================================== -->
<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource" destroy-method="close">
    <property name="driverClass" value="${jdbc.driverClassName}" />
    <property name="jdbcUrl" value="${jdbc.url}" />
    <property name="user" value="${jdbc.username}" />
    <property name="password" value="${jdbc.password}" />
    <property name="initialPoolSize" value="${jdbc.initialPoolSize}"/>
    <property name="minPoolSize" value="${jdbc.minPoolSize}"/>
    <property name="maxPoolSize" value="${jdbc.maxPoolSize}"/>
    <!-- <property name="timeout"><value>0</value></property> -->   <!-- 0 means: no timeout -->
    <property name="idleConnectionTestPeriod"><value>200</value></property>
    <property name="acquireIncrement"><value>1</value></property>
    <property name="maxStatements"><value>0</value></property>  <!-- 0 means: statement caching is turned off.  -->
    <property name="numHelperThreads"><value>3</value></property>  <!-- 3 is default --> 
</bean>
<!-- ========================== Data Source [End] ==================================================================== -->
+3


source to share


2 answers


I think you can use an internal bean to encrypt your pwd before sending it. Do they require a specific encryption method?



0


source


I was able to achieve this using url approach finally. This uses the com.certicom.ecc.jcae.Certicom class for encryption.

Steps:



  • Modify jdbc url in properties file as shown below. jdbc.url = JDBC: Sybase: Tds: hostname: port / dbname ENCRYPT_PASSWORD = TRUE, & amp; JCE_PROVIDER_class = com.certicom.ecc.jcae.Certicom

  • Place below 3 jars files in build path.

    EccpressoFIPSJca.jar, EccpressoFIPS.jar, jconn4-7.07.jar

This will allow these APIs to be used to encrypt the database password before being sent over the pipe to the Sybase 15.7 server. Hope this helps. Thank.

0


source






More articles:


All Articles