How can I configure Hibernate to use SSL to talk to the DB server?

Question

I have an existing java webapp that uses Hibernate for it's persistence. I've been told that I have to have to talk to the DB encrypted - so my first thought is to set it up to do the communication via SSL - and went through figured out how to set up Oracle to listen for JDBC over SSL -

http://www.oracle.com/technology/tech/java/sqlj_jdbc/pdf/wp-oracle-jdbc_thin_ssl_2007.pdf

And wrote a quick test class to verify that it was setup and working (connecting via standard JDBC). That left me with the issue of configuring Hibernate - unfortunately I don't see how hibernate supports it?

Answer 1

Hibernate works with standard JDBC data sources, so there is no need for Hibernate-specific configuration.

Here's an quick example that should work when configuring Hibernate with Spring:

<bean id="dataSource" class="oracle.jdbc.pool.OracleDataSource">
    <property name="URL"><value><!-- JDBC URL that specifies SSL connection --></value></property>
    <!-- other relevant properties, like user and password -->
    <property name="connectionProperties>
        <value>
            oracle.net.ssl_cipher_suites: (ssl_rsa_export_with_rc4_40_md5, ssl_rsa_export_with_des40_cbc_sha)
            oracle.net.ssl_client_authentication: false
            oracle.net.ssl_version: 3.0
            oracle.net.encryption_client: REJECTED 
            oracle.net.crypto_checksum_client: REJECTED
        </value>
    </property>
</bean>

<bean id="sessionFactory" class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean">
    <property name="dataSource" ref="dataSource" />
    <!-- classes etc -->
</bean>