Spring application context encryption

Question

Is there any way that I could encrypt the application context entries, for example:

<bean id="securityDataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <property name="driverClassName" value="com.mysql.jdbc.Driver"/>
    <property name="url" value="jdbc:mysql://192.168.0.1/schemaname?useUnicode=true&amp;characterEncoding=utf-8"/>
    <property name="username" value="{this should be encrypted}"/>
    <property name="password" value="{this should be encrypted}"/>     
</bean> 

What I want to do is to encrypt the username & password.

Answer 1

You will need to externalize the properties using the propertyPlaceHolder. Once you do that you can use the Jasypt version of property place holder that supports encryption.

Answer 2

As fare as i know there is no Encrytion.

---

But you could externalize the properties, or the complete data source in the application server context.

Answer 3

You could create a jndi connection instead. In tomcat context.xml for example you add. That way you do not store any information in the application or properties file. Offcourse you have to set permissions to context.xml...

<Resource name="jdbc/[YourDatabaseName]" 
              auth="Container"
              type="javax.sql.DataSource" 
              username="[DatabaseUsername]" 
              password="[DatabasePassword]"
              driverClassName="com.mysql.jdbc.Driver"
              url="jdbc:mysql://[yourserver]:3306/[yourapplication]"
              maxActive="15" 
              maxIdle="3"/>