Java播放加密数据库密码 [英] Java Play Encrypt Database Password
问题描述
我正在开发一个Java Play应用程序,并将数据库密码以纯文本形式存储在application.conf文件中。
I'm developing a Java Play application and I'm storing the Database password in plain text inside the application.conf file.
db.default.url="jdbc:oracle:thin:@HOST:PORT/SID"
db.default.user=USER
db.default.pass=PW
现在我想将它存储为加密的密码。
Now i want to store it as an encrypted password.
在寻找解决方案时,我看到了许多关于实现插件的艺术。以下是我遇到的解决方案。
While searching for a solution I saw many articals about implementing a plugin. Following is an solution I came across.
Encrypting db password in application.conf
在这个例子中,使用play.PlayPlugin,但是当我尝试它时,错误。我需要插入外部jar文件或是因为版本问题。我使用Java播放1.2
In that example, play.PlayPlugin is used but when I try it, I get an package not found error. Do I need to insert an external jar file or is it because of a version problem. I'm using Java play 1.2
除了插件外,还有其他方式以加密格式存储密码。
Is there any other way to store password in encrypted format other than a plugin.
推荐答案
您不需要对自己系统中的任何内容加密。只需确保您的服务器是安全的。
You shouldn't need to encrypt anything inside your own system. Just make sure your server is secure.
由于您将需要让您的应用程序访问密码,有权访问您的系统的攻击者将能够访问您的
Since you will need to let your application access the password, an attacker who has access to your system would be able to get to your password anyway.
但永远不要在git(或subversion或其他)中检查您的密码!
But never ever check your passwords into git (or subversion or whatever)!
Instead what you should do is this:
include "secret.conf"
code> conf -folder。并将所有凭据保存在此文件中。
Create the secure.conf in your conf-folder.And save all your credentials in this file.
这篇关于Java播放加密数据库密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
