Re: Re: Encrypted JDBC Connection Settings

From: Michael Gentry (blacknex..mail.com)
Date: Wed Aug 30 2006 - 11:12:18 EDT

Next message: Andrus Adamchik: "Re: Encrypted JDBC Connection Settings"

Previous message: Johan (JIRA): "[JIRA] Created: (CAY-641) Stack trace instead of error message when relationship and attribute have the same name"
In reply to: Jean T. Anderson: "Re: Encrypted JDBC Connection Settings"
Next in thread: Andrus Adamchik: "Re: Encrypted JDBC Connection Settings"
Next in thread: Michael Gentry: "Encrypted JDBC Connection Settings"
Reply: Andrus Adamchik: "Re: Encrypted JDBC Connection Settings"
Reply: Mike Kienenberger: "Re: Re: Encrypted JDBC Connection Settings"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thanks for the link, Jean. I'm about ready to get started on adding
this feature. The only encryption I'll include with Cayenne in ROT13,
which is incredibly weak and anyone can encode/decode with:

tr "[a-m][n-z][A-M][N-Z]" "[n-z][a-m][N-Z][A-M]" < filename

ROT13 will basically serve as an example for anyone wanting to
implement something stronger. Now to the technical stuff ...

Modeler changes:

My current approach will be to add another DataSource Factory for the
modeler: org.objectstyle.cayenne.conf.ExtendedDriverDataSourceFactory
and an associated pane to fill in the information. Since I don't
think I can send attachments to the list, please send me an e-mail if
you'd like to see what the new pane will look like and I'll send you a
PNG of the current mockup. In a nutshell, you will be able to choose
the password format (Plain Text, ROT13, User Defined ...), storage
location (Model, External File), and an optional data string (such as
a key) to be used by the encryption algorithm you supply (ROT13 and
Plain Text will ignore the data string).

XML changes:

The DataNode XML file will need to have the <login/> element extended
to support the encryption algorithm class, data string (key), and
password location.

Java changes:

The org.objectstyle.cayenne.conf.ExtendedDriverDataSourceFactory class
will need to be created. I'll create an interface which the
encryption algorithm will have to implement. And, of course, the
Plain Text and ROT13 classes. No stronger encryption will be
provided.

Andrus: What are your feelings about adding this to 1.2? We have to
get software approved and since 2.0 isn't out yet (and is a clone of
1.2, anyway) and 3.0 is a development cut, 1.2 is the most politically
correct one at the moment ...

Any comments before I get knee deep in it?

Thanks!

/dev/mrg

On 8/10/06, Jean T. Anderson <jt..ristowhill.com> wrote:
> Michael Gentry wrote:
> ...
> > I hadn't thought about the export issues (I'm very
> > focused on my initial needs), but we could have a simple version for
> > export if we included it (ROT13 anyone?).
>
> Here's an ASF link on the topic:
>
> http://www.apache.org/dev/crypto.html
>
> -jean
>

Next message: Andrus Adamchik: "Re: Encrypted JDBC Connection Settings"
Previous message: Johan (JIRA): "[JIRA] Created: (CAY-641) Stack trace instead of error message when relationship and attribute have the same name"
In reply to: Jean T. Anderson: "Re: Encrypted JDBC Connection Settings"
Next in thread: Andrus Adamchik: "Re: Encrypted JDBC Connection Settings"
Next in thread: Michael Gentry: "Encrypted JDBC Connection Settings"
Reply: Andrus Adamchik: "Re: Encrypted JDBC Connection Settings"
Reply: Mike Kienenberger: "Re: Re: Encrypted JDBC Connection Settings"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2.0.0 : Wed Aug 30 2006 - 11:12:44 EDT