Comments on: Network Data Encryption and Integrity for Thin JDBC Clients http://javasight.wordpress.com/2008/08/29/network-data-encryption-and-integrity-for-thin-jdbc-clients/ Technology across minds..... Sat, 07 Nov 2009 05:16:49 +0000 http://wordpress.com/ hourly 1 By: Frank http://javasight.wordpress.com/2008/08/29/network-data-encryption-and-integrity-for-thin-jdbc-clients/#comment-52 Frank Wed, 12 Nov 2008 12:15:17 +0000 http://javasight.wordpress.com/?p=76#comment-52 Thanks Asim. Although its recommended to use the JNDI datasource over Spring managed datasource, I have got contrary opinion/recommendations from the Spring Forum (http://forum.springframework.org/showthread.php?t=60418). Either ways if you were using a Spring manged bean in Spring context you can still encrypt your passwords with API JASYPT[http://www.jasypt.org/]. If it were a JNDI managed resource ,security will be taken care by the Application/Web server(your right on that). Regards, Franklin. Thanks Asim.
Although its recommended to use the JNDI datasource over Spring managed datasource, I have got contrary opinion/recommendations from the Spring Forum (http://forum.springframework.org/showthread.php?t=60418). Either ways if you were using a Spring manged bean in Spring context you can still encrypt your passwords with API JASYPT[http://www.jasypt.org/]. If it were a JNDI managed resource ,security will be taken care by the Application/Web server(your right on that).

Regards,
Franklin.

]]> By: aasimsaleem http://javasight.wordpress.com/2008/08/29/network-data-encryption-and-integrity-for-thin-jdbc-clients/#comment-51 aasimsaleem Tue, 11 Nov 2008 10:18:48 +0000 http://javasight.wordpress.com/?p=76#comment-51 Excellent article Frank. As a standard in an App. Server environment, you get the datasource from JNDI, even in Spring, beans can be populated through JNDI. Securing the datasource (or any other object), in this case, is the responsiblity of the JNDI architecture. But Frank's article is very true for applications working out of an app. server, inside an App. server, the JNDI approach is preferred. Excellent article Frank.

As a standard in an App. Server environment, you get the datasource from JNDI, even in Spring, beans can be populated through JNDI.
Securing the datasource (or any other object), in this case, is the responsiblity of the JNDI architecture.

But Frank’s article is very true for applications working out of an app. server, inside an App. server, the JNDI approach is preferred.

]]> By: Frank http://javasight.wordpress.com/2008/08/29/network-data-encryption-and-integrity-for-thin-jdbc-clients/#comment-45 Frank Sun, 26 Oct 2008 07:26:06 +0000 http://javasight.wordpress.com/?p=76#comment-45 Hey Rookie, Well its very much possible to encrypt the datasource. You have multiple options. I remember on Oracle AS when you define you JNDI datasource you can keep clear text password as well as encrypted password. Again this is dependent on the vendor. However if you were using datasources like Spring managed beans then you could use the API JASYPT[http://www.jasypt.org/] like follows datasource.driver=com.mysql.jdbc.Driver datasource.url=jdbc:mysql://localhost/mydb datasource.username=user datasource.password=ENC(G6N718UKyuLQSm02auQPUtm) Hey Rookie,
Well its very much possible to encrypt the datasource. You have multiple options.

I remember on Oracle AS when you define you JNDI datasource you can keep clear text password as well as encrypted password. Again this is dependent on the vendor.

However if you were using datasources like Spring managed beans then you could use the API JASYPT[http://www.jasypt.org/] like follows

datasource.driver=com.mysql.jdbc.Driver
datasource.url=jdbc:mysql://localhost/mydb
datasource.username=user
datasource.password=ENC(G6N718UKyuLQSm02auQPUtm)

]]> By: JAVA_ROOKIE http://javasight.wordpress.com/2008/08/29/network-data-encryption-and-integrity-for-thin-jdbc-clients/#comment-44 JAVA_ROOKIE Fri, 24 Oct 2008 09:00:30 +0000 http://javasight.wordpress.com/?p=76#comment-44 Hi, Can we encrypt the data sources in similar way in app servers ? if yes how ? Hi,
Can we encrypt the data sources in similar way in app servers ? if yes how ?

]]> By: Network Data Encryption and Integrity for Thin JDBC Clients : Dtv 2009 http://javasight.wordpress.com/2008/08/29/network-data-encryption-and-integrity-for-thin-jdbc-clients/#comment-10 Network Data Encryption and Integrity for Thin JDBC Clients : Dtv 2009 Fri, 29 Aug 2008 20:39:23 +0000 http://javasight.wordpress.com/?p=76#comment-10 [...] Original post by Frank [...] [...] Original post by Frank [...]

]]> By: Network Data Encryption and Integrity for Thin JDBC Clients : Dtv 2009 http://javasight.wordpress.com/2008/08/29/network-data-encryption-and-integrity-for-thin-jdbc-clients/#comment-11 Network Data Encryption and Integrity for Thin JDBC Clients : Dtv 2009 Fri, 29 Aug 2008 20:39:23 +0000 http://javasight.wordpress.com/?p=76#comment-11 [...] Original post by Frank [...] [...] Original post by Frank [...]

]]>