Re: Re: Encrypted JDBC Connection Settings

From: Michael Gentry (blacknex..mail.com)
Date: Wed Aug 30 2006 - 11:12:18 EDT

  • Next message: Andrus Adamchik: "Re: Encrypted JDBC Connection Settings"

    Thanks for the link, Jean. I'm about ready to get started on adding
    this feature. The only encryption I'll include with Cayenne in ROT13,
    which is incredibly weak and anyone can encode/decode with:

    tr "[a-m][n-z][A-M][N-Z]" "[n-z][a-m][N-Z][A-M]" < filename

    ROT13 will basically serve as an example for anyone wanting to
    implement something stronger. Now to the technical stuff ...

    Modeler changes:

    My current approach will be to add another DataSource Factory for the
    modeler: org.objectstyle.cayenne.conf.ExtendedDriverDataSourceFactory
    and an associated pane to fill in the information. Since I don't
    think I can send attachments to the list, please send me an e-mail if
    you'd like to see what the new pane will look like and I'll send you a
    PNG of the current mockup. In a nutshell, you will be able to choose
    the password format (Plain Text, ROT13, User Defined ...), storage
    location (Model, External File), and an optional data string (such as
    a key) to be used by the encryption algorithm you supply (ROT13 and
    Plain Text will ignore the data string).

    XML changes:

    The DataNode XML file will need to have the <login/> element extended
    to support the encryption algorithm class, data string (key), and
    password location.

    Java changes:

    The org.objectstyle.cayenne.conf.ExtendedDriverDataSourceFactory class
    will need to be created. I'll create an interface which the
    encryption algorithm will have to implement. And, of course, the
    Plain Text and ROT13 classes. No stronger encryption will be
    provided.

    Andrus: What are your feelings about adding this to 1.2? We have to
    get software approved and since 2.0 isn't out yet (and is a clone of
    1.2, anyway) and 3.0 is a development cut, 1.2 is the most politically
    correct one at the moment ...

    Any comments before I get knee deep in it?

    Thanks!

    /dev/mrg

    On 8/10/06, Jean T. Anderson <jt..ristowhill.com> wrote:
    > Michael Gentry wrote:
    > ...
    > > I hadn't thought about the export issues (I'm very
    > > focused on my initial needs), but we could have a simple version for
    > > export if we included it (ROT13 anyone?).
    >
    > Here's an ASF link on the topic:
    >
    > http://www.apache.org/dev/crypto.html
    >
    > -jean
    >



    This archive was generated by hypermail 2.0.0 : Wed Aug 30 2006 - 11:12:44 EDT