Menu
I'm having trouble encrypting the database password in hibernate.cfg.xml
This is my property file.
<!-- Database connection settings -->
<property name="connection.driver_class">com.microsoft.sqlserver.jdbc.SQLServerDriver</property>
<property name="connection.url">jdbc:sqlserver://localhost:1433;databaseName=TEST;</property>
<property name="connection.username">sa</property>
<!-- Encryption -->
<property name="connection.password">ENC(vMO/j5jfpaU2cUhPVoOk5Q==)</property>
<property name="connection.provider_class">org.jasypt.hibernate4.connectionprovider.EncryptedPasswordDriverManagerConnectionProvider</property>
<property name="connection.encryptor_registered_name">hibernateEncryptor</property>
Then in the HiberanteUtil.java I have this
// Builds session factory.
private static SessionFactory configureSessionFactory()
throws HibernateException {
Configuration configuration = new Configuration().configure();
StandardPBEStringEncryptor encryptor =
new StandardPBEStringEncryptor();
encryptor.setPassword("pass");
HibernatePBEEncryptorRegistry registry =
HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor("hibernateEncryptor", encryptor);
ServiceRegistry serviceRegistry = new ServiceRegistryBuilder()
.applySettings(configuration.getProperties()).buildServiceRegistry();
return configuration.buildSessionFactory(serviceRegistry);
}
I've created the encrypted password with encrypt.bat.
Then the error i have is
com.microsoft.sqlserver.jdbc.SQLServerException: Login failed for user 'sa'. ClientConnectionId:8033573f-5f52-4fe9-a728-fbe4f57d89c4
If I remove this part
StandardPBEStringEncryptor encryptor =
new StandardPBEStringEncryptor();
encryptor.setPassword("someKey");
HibernatePBEEncryptorRegistry registry =
HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor(
"hibernateEncryptor", encryptor);
I have the same error, so I think it doesn't register but I have no idea how to do it.
This is how i encrypt
UPDATE
The only thing i can made to get it work is something like this, but is not the way i think.
StandardPBEStringEncryptor encryptor =
new StandardPBEStringEncryptor();
encryptor.setPassword("somePass");
encryptor.setAlgorithm("PBEWITHMD5ANDDES");
String pass=encryptor.decrypt("HhpmA/XmJoLro8TYYu4YyA==");
HibernatePBEEncryptorRegistry registry =
HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor(
"hibernateEncryptor", encryptor);
Configuration configuration = new Configuration().configure()
.setProperty("hibernate.connection.encryptor_registered_name","hibernateEncryptor")
.setProperty("hibernate.connection.password",pass);
So i think the problem is with the "hibernateEncryptor", i think i need to register
<typedef name="encryptedString" class="org.jasypt.hibernate4.type.EncryptedStringType">
<param name="encryptorRegisteredName">hibernateEncryptor</param>
<typedef>
But when i put it in hibernate.cfg.xml says invalid mapping, so i add it to a class with annotation but nothing happen cause i think this is read after database connection that is what i want to encrypt. :(
@TypeDef(name="encryptedString",typeClass=org.jasypt.hibernate4.type.EncryptedStringType.class,
parameters= {@Parameter(name="encryptorRegisteredName",value="hibernateEncryptor")})
697
Use the change-passphrase option to change the passphrase. You can also use projdeploy to encrypt a YAML configuration at deployment time. The following are examples of how you can use the encrypt option in the yamles CLI to encrypt an unencrypted YAML configuration.
This is not the proper way to do it but solves.
StandardPBEStringEncryptor encryptor =new StandardPBEStringEncryptor();
encryptor.setPassword("somePass");
encryptor.setAlgorithm("PBEWITHMD5ANDDES");
Configuration configuration = new Configuration().configure();
String pass=encryptor.decrypt(configuration.getProperty("hibernate.connection.password"));
configuration.setProperty("hibernate.connection.password",pass);
And in hibernate.cfg
<property name="connection.username">sa</property>
<property name="connection.password">Nzuyhu5PJJwsVH3mdw==</property>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With