Hide password in datasource config

**Eggi** · Aug 14th, 2006, 03:08 PM

Hi all,
does anyone have an idea how I can hide/encrypt the password for a datasource configuration? Maybe you can give me a little example.

Code:

<bean id="localMySqlDataSource" class="org.apache.commons.dbcp.BasicDataSource">
		<property name="driverClassName">
			<value>com.mysql.jdbc.Driver</value>
		</property>
		<property name="url">
			<value>jdbc:mysql://localhost/test</value>
		</property>
		<property name="username">
			<value>root</value>
		</property>
		<property name="password">
			<value>howCanIHideThis</value>
		</property>
</bean>

Thanks,
Alex

**epitoman** · Aug 14th, 2006, 03:23 PM

Subclass BasicDataSource and override setPassword where you decode the password. However if the intruder is smart he or she would decompile your class and then decode the password

**wpoitras** · Aug 14th, 2006, 03:43 PM

Originally Posted by epitoman

Subclass BasicDataSource and override setPassword where you decode the password. However if the intruder is smart he or she would decompile your class and then decode the password

Actually you should probably subclass DelegatingDataSource and delegate to whatever datasource you are using. That way you wouldn't have to tie yourself to a particular datasource implementation (ie you later decide to move to a database pool like C3P0).

Just override getConnection and getConnection(String,String) to perform the decryption. Maybe call the class DecryptingDataSourceWrapper.

**belugabob** · Aug 15th, 2006, 07:51 AM

Try externalising the connection parameters into a properties file.

To do this you need to use PropertyPlacholderConfigurer - which is becoming a bit of a theme on this forum today.

Doing this will allow you to...

Have a different config for each deployment
Keep sensitive information out of the source code
Have a single 'binary' that can be deployed in multiple environments

Enjoy!

Bob

**Eggi** · Aug 15th, 2006, 02:38 PM

when I use the PropertyPlaceholderConfigurer and a property file does I have not the same problem with a clear text information for the password because the property file is not encrypted?

I think I'll subclassing the DelegatingDataSource and use an encrypted property file.

Alex.

**wpoitras** · Aug 15th, 2006, 02:52 PM

Yes, you do have the same problem with a property file. But his point was a property file easier to manage than an XML file which since it contains object wiring information it, is more like code than configuration. Where as a property file is pure configuration.

**Arno Werr** · Aug 15th, 2006, 08:16 PM

I do not see a problem wether a password to a ds for an application server is encrypted or in a clear text.

Code:

<property name="username">
            <value>root</value>
        </property>

Here I see a problem. User root never ever launches application server!!!

**belugabob** · Aug 16th, 2006, 03:54 AM

Eggi,

I didn't explain clearly enough - sorry for that.

As somebody else pointed out, externalising the password puts us in a situation where the developer has visibility of the username/password used for the development environment, but not for the production environment.

It's all a case of sensitivity really, it doesn't hurt too much to trust developers with access to development systems as they can (or at least should) be possible to recreate with minimal effort. Production systems are much more critical to the bottom line of a business and therefore need to be protected from unauthorised access - whether that's malicious or accidental.

The basic philosophy is to be able to configure 'environmental details' at the point of use, without having to modify the binary assets that make up the product.

I hope this clears things up.

Bob

**Eggi** · Aug 17th, 2006, 02:15 AM

Hi Bob,
thanks for explaining - I know what you mean.

Now I have create a subclass of DelegatingDataSource and inject the targetDataSource with the real datasource config (see above). When I overwrite the getConnection and getConnection(user, password) I get following stacktrace:

Code:

	at org.apache.commons.dbcp.PoolingDataSource.getConnection(PoolingDataSource.java:116)
	at org.apache.commons.dbcp.BasicDataSource.getConnection(BasicDataSource.java:554)
	at org.springframework.jdbc.datasource.DelegatingDataSource.getConnection(DelegatingDataSource.java:68)
	at config.DataSourceWrapper.getConnection(DataSourceWrapper.java:16)
	at org.springframework.orm.hibernate.LocalDataSourceConnectionProvider.getConnection(LocalDataSourceConnectionProvider.java:76)

Here part of config for Hibernate and datasource

Code:

<bean id="dsWrapper" class="config.DataSourceWrapper">
		<property name="targetDataSource" ref="localMySqlDataSource"/>
</bean>
		
<!-- Hibernate SessionFactory -->
<bean id="sessionFactory" class="org.springframework.orm.hibernate.LocalSessionFactoryBean">
		<property name="dataSource">
			<ref local="dsWrapper"/>
		</property>
		<property name="hibernateProperties">
			<ref local="hibernateProperties"/>
		</property>
.....

Here the new class:

Code:

public class DataSourceWrapper extends DelegatingDataSource {

    public Connection getConnection() throws SQLException {
        return super.getConnection("user", "password");
    }

    public Connection getConnection(String username, String password) throws SQLException {
        return super.getConnection("user", "password");
    }
}

Does someone have a hint for me what I'm doing wrong?
___________
Alex

Thread: Hide password in datasource config

Thread Tools

Display

Hide password in datasource config

Posting Permissions