Re: Re: Encrypted JDBC Connection Settings

From: Michael Gentry (blacknex..mail.com)
Date: Thu Aug 10 2006 - 11:03:32 EDT

  • Next message: Mike Kienenberger: "Re: Re: Encrypted JDBC Connection Settings"

    Setting encryption via URL parameters sounds like it might encrypt the
    data stream (all the SQL), which is cool, but I need to encrypt the
    password to the database (no plaintext passwords to comply with SOX
    standards).

    Thanks,

    /dev/mrg

    On 8/10/06, Andrus Adamchik <andru..bjectstyle.org> wrote:
    > I think some JDBC drivers allow to set encrypted operation mode via
    > URL parameters in a manner completely external to the ORM or the rest
    > of the application. Never used it though...
    >
    > Andrus
    >
    >
    > On Aug 10, 2006, at 10:37 AM, Mike Kienenberger wrote:
    >
    > > Once you start dealing with encryption, there will be export
    > > legalities and configuration issues (setting up different policy
    > > files).
    > >
    > > Maybe we can avoid most of this by making the default encryption type
    > > something harmless and providing directions for enabling more
    > > encryption.
    > >
    > > Also, have you considered using JNDI instead? Some containers
    > > already provide encrypted JNDI data sources.
    > >
    > > On 8/10/06, Michael Gentry <blacknex..mail.com> wrote:
    > >> It looks like I might need the ability to encrypt the JDBC settings
    > >> (or at least the password) in my current applications. Is this
    > >> something that should be added to Cayenne (and Modeler) or should I
    > >> think of alternative solutions? Note that this would be encrypted,
    > >> not hashed, since that sometimes gets confused. There would need to
    > >> be a facility to decrypt, too.
    > >>
    > >> Just looking for thoughts/ideas at this moment.
    > >>
    > >> Thanks,
    > >>
    > >> /dev/mrg
    > >>
    > >
    >
    >



    This archive was generated by hypermail 2.0.0 : Thu Aug 10 2006 - 11:04:09 EDT