You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@openjpa.apache.org by Rick Curtis <cu...@gmail.com> on 2009/08/06 23:22:52 UTC
Re: How to encrypt DB password in persistence.xml
Yu Wang -
OPENJPA-1089[1] wasn't your exact problem, but I want you to be aware that a
change was made.
Thanks -
Rick
[1] https://issues.apache.org/jira/browse/OPENJPA-1089
--
View this message in context: http://n2.nabble.com/How-to-encrypt-DB-password-in-persistence.xml-tp2868212p3400811.html
Sent from the OpenJPA Users mailing list archive at Nabble.com.
Re: How to encrypt DB password in persistence.xml
Posted by Kevin Sutter <kw...@gmail.com>.
Hi,
Yes, we do have plans to GA OpenJPA 2.0 before the end of the year, but it
all depends on external factors which we have little control over. We need
a finalized spec from the JCP -- current target date of Nov 16, 2009. And,
we need a TCK (test suite) delivered at approximately the same timeframe.
Then, we need to work through that TCK so that we can claim compliance.
Overall, our OpenJPA 2.0 development and testing has been going quite well,
so we're hoping for the same when using the TCK...
Kevin
On Tue, Sep 1, 2009 at 4:58 AM, wang yu <wa...@gmail.com> wrote:
> Hello, Mike,
> Do we have a target day for OpenJPA 2.0 GA?
> From http://openjpa.apache.org/jpa-20-roadmap.html , may I assume it
> will be released before the end of the year?
>
> Both password Encryption and get cache from factory in JPA spec are
> very useful for me.
> I use Spring to manager the life circle of manager factory, it's
> difficult to cast factory into OpenJPAEntityManagerFactory directly.
>
> Regards,
> Yu Wang
>
>
> On Fri, Aug 14, 2009 at 11:27 AM, Michael Dick<mi...@gmail.com>
> wrote:
> > Hi,
> > OpenJPA doesn't know (or care) how much of the password is encrypted -
> that
> > determination is up to the encryption provider (ie your code). So if the
> > encryption provider can figure out which parts of the string need to be
> > decrypted and which parts do not then you should be set.
> >
> > I just reopened the issue to port it to version 1.3.0 so this feature
> will
> > be available in the next major (2.0.0) and minor (1.3.0) versions of
> > OpenJPA.
> >
> > In the mean time you can grab a nightly build from the builds
> > page<http://openjpa.apache.org/downloads.html> (look
> > for 2.0.0-SNAPSHOT). I'll try to get the fix ported to 1.3.0 this
> weekend
> > too.
> >
> > -mike
> >
> >
> >
> > On Thu, Aug 13, 2009 at 8:58 PM, wang yu <wa...@gmail.com> wrote:
> >
> >> Mike,
> >> Thanks a lot!
> >> Since I used DBCP datasource as following:
> >> <property name="openjpa.ConnectionProperties"
> >>
> >> value="driverClassName=oracle.jdbc.driver.OracleDriver,
> >> url=jdbc:oracle:thin:@localhost:1521:orcl, username=XXX, password=XXX,
> >> maxActive=8, maxWait=10000, poolPreparedStatements=true" />
> >>
> >>
> >> May I encrypt a sub string of property value rather than full
> >> property value string?
> >>
> >> Anyway, when will this feature be available? In a new release or a
> >> rolling patch?
> >>
> >> Regards,
> >> Yu Wang
> >>
> >>
> >> On Fri, Aug 7, 2009 at 9:33 PM, Michael Dick<mi...@gmail.com>
> >> wrote:
> >> > Hi Yu,
> >> >
> >> > At the moment our support allows you to specify an 'Encryption
> Provider'
> >> > which handles the encryption / decryption of a password. We aren't
> >> providing
> >> > a tool to do the actual encryption - just a plugin point for other
> tools.
> >> >
> >> > It sounds like you have written the encryption code in your extension
> for
> >> > DBCP so it should be fairly easy to wrap in an encryption provider.
> >> >
> >> > Hope this helps,
> >> > -mike
> >> >
> >> > On Fri, Aug 7, 2009 at 1:25 AM, wang yu <wa...@gmail.com> wrote:
> >> >
> >> >> Rick,
> >> >> Thank you for your information. I have resolved this issue by
> >> >> modifying dbcp source code.
> >> >> The bad part is dbcp can be built with jdk 1.4 only which made build
> >> >> system little bit complicated:-)
> >> >>
> >> >> If you can deliver encryption feature in next release, I'll be very
> >> >> pleased to use it.
> >> >>
> >> >> Regards,
> >> >> Yu Wang
> >> >>
> >> >>
> >> >> On Fri, Aug 7, 2009 at 5:22 AM, Rick Curtis<cu...@gmail.com>
> wrote:
> >> >> >
> >> >> > Yu Wang -
> >> >> >
> >> >> > OPENJPA-1089[1] wasn't your exact problem, but I want you to be
> aware
> >> >> that a
> >> >> > change was made.
> >> >> >
> >> >> > Thanks -
> >> >> > Rick
> >> >> >
> >> >> > [1] https://issues.apache.org/jira/browse/OPENJPA-1089
> >> >> > --
> >> >> > View this message in context:
> >> >>
> >>
> http://n2.nabble.com/How-to-encrypt-DB-password-in-persistence.xml-tp2868212p3400811.html
> >> >> > Sent from the OpenJPA Users mailing list archive at Nabble.com.
> >> >> >
> >> >>
> >> >
> >>
> >
>
Re: How to encrypt DB password in persistence.xml
Posted by wang yu <wa...@gmail.com>.
Hello, Mike,
Do we have a target day for OpenJPA 2.0 GA?
>From http://openjpa.apache.org/jpa-20-roadmap.html , may I assume it
will be released before the end of the year?
Both password Encryption and get cache from factory in JPA spec are
very useful for me.
I use Spring to manager the life circle of manager factory, it's
difficult to cast factory into OpenJPAEntityManagerFactory directly.
Regards,
Yu Wang
On Fri, Aug 14, 2009 at 11:27 AM, Michael Dick<mi...@gmail.com> wrote:
> Hi,
> OpenJPA doesn't know (or care) how much of the password is encrypted - that
> determination is up to the encryption provider (ie your code). So if the
> encryption provider can figure out which parts of the string need to be
> decrypted and which parts do not then you should be set.
>
> I just reopened the issue to port it to version 1.3.0 so this feature will
> be available in the next major (2.0.0) and minor (1.3.0) versions of
> OpenJPA.
>
> In the mean time you can grab a nightly build from the builds
> page<http://openjpa.apache.org/downloads.html> (look
> for 2.0.0-SNAPSHOT). I'll try to get the fix ported to 1.3.0 this weekend
> too.
>
> -mike
>
>
>
> On Thu, Aug 13, 2009 at 8:58 PM, wang yu <wa...@gmail.com> wrote:
>
>> Mike,
>> Thanks a lot!
>> Since I used DBCP datasource as following:
>> <property name="openjpa.ConnectionProperties"
>>
>> value="driverClassName=oracle.jdbc.driver.OracleDriver,
>> url=jdbc:oracle:thin:@localhost:1521:orcl, username=XXX, password=XXX,
>> maxActive=8, maxWait=10000, poolPreparedStatements=true" />
>>
>>
>> May I encrypt a sub string of property value rather than full
>> property value string?
>>
>> Anyway, when will this feature be available? In a new release or a
>> rolling patch?
>>
>> Regards,
>> Yu Wang
>>
>>
>> On Fri, Aug 7, 2009 at 9:33 PM, Michael Dick<mi...@gmail.com>
>> wrote:
>> > Hi Yu,
>> >
>> > At the moment our support allows you to specify an 'Encryption Provider'
>> > which handles the encryption / decryption of a password. We aren't
>> providing
>> > a tool to do the actual encryption - just a plugin point for other tools.
>> >
>> > It sounds like you have written the encryption code in your extension for
>> > DBCP so it should be fairly easy to wrap in an encryption provider.
>> >
>> > Hope this helps,
>> > -mike
>> >
>> > On Fri, Aug 7, 2009 at 1:25 AM, wang yu <wa...@gmail.com> wrote:
>> >
>> >> Rick,
>> >> Thank you for your information. I have resolved this issue by
>> >> modifying dbcp source code.
>> >> The bad part is dbcp can be built with jdk 1.4 only which made build
>> >> system little bit complicated:-)
>> >>
>> >> If you can deliver encryption feature in next release, I'll be very
>> >> pleased to use it.
>> >>
>> >> Regards,
>> >> Yu Wang
>> >>
>> >>
>> >> On Fri, Aug 7, 2009 at 5:22 AM, Rick Curtis<cu...@gmail.com> wrote:
>> >> >
>> >> > Yu Wang -
>> >> >
>> >> > OPENJPA-1089[1] wasn't your exact problem, but I want you to be aware
>> >> that a
>> >> > change was made.
>> >> >
>> >> > Thanks -
>> >> > Rick
>> >> >
>> >> > [1] https://issues.apache.org/jira/browse/OPENJPA-1089
>> >> > --
>> >> > View this message in context:
>> >>
>> http://n2.nabble.com/How-to-encrypt-DB-password-in-persistence.xml-tp2868212p3400811.html
>> >> > Sent from the OpenJPA Users mailing list archive at Nabble.com.
>> >> >
>> >>
>> >
>>
>
Re: How to encrypt DB password in persistence.xml
Posted by Michael Dick <mi...@gmail.com>.
Hi,
OpenJPA doesn't know (or care) how much of the password is encrypted - that
determination is up to the encryption provider (ie your code). So if the
encryption provider can figure out which parts of the string need to be
decrypted and which parts do not then you should be set.
I just reopened the issue to port it to version 1.3.0 so this feature will
be available in the next major (2.0.0) and minor (1.3.0) versions of
OpenJPA.
In the mean time you can grab a nightly build from the builds
page<http://openjpa.apache.org/downloads.html> (look
for 2.0.0-SNAPSHOT). I'll try to get the fix ported to 1.3.0 this weekend
too.
-mike
On Thu, Aug 13, 2009 at 8:58 PM, wang yu <wa...@gmail.com> wrote:
> Mike,
> Thanks a lot!
> Since I used DBCP datasource as following:
> <property name="openjpa.ConnectionProperties"
>
> value="driverClassName=oracle.jdbc.driver.OracleDriver,
> url=jdbc:oracle:thin:@localhost:1521:orcl, username=XXX, password=XXX,
> maxActive=8, maxWait=10000, poolPreparedStatements=true" />
>
>
> May I encrypt a sub string of property value rather than full
> property value string?
>
> Anyway, when will this feature be available? In a new release or a
> rolling patch?
>
> Regards,
> Yu Wang
>
>
> On Fri, Aug 7, 2009 at 9:33 PM, Michael Dick<mi...@gmail.com>
> wrote:
> > Hi Yu,
> >
> > At the moment our support allows you to specify an 'Encryption Provider'
> > which handles the encryption / decryption of a password. We aren't
> providing
> > a tool to do the actual encryption - just a plugin point for other tools.
> >
> > It sounds like you have written the encryption code in your extension for
> > DBCP so it should be fairly easy to wrap in an encryption provider.
> >
> > Hope this helps,
> > -mike
> >
> > On Fri, Aug 7, 2009 at 1:25 AM, wang yu <wa...@gmail.com> wrote:
> >
> >> Rick,
> >> Thank you for your information. I have resolved this issue by
> >> modifying dbcp source code.
> >> The bad part is dbcp can be built with jdk 1.4 only which made build
> >> system little bit complicated:-)
> >>
> >> If you can deliver encryption feature in next release, I'll be very
> >> pleased to use it.
> >>
> >> Regards,
> >> Yu Wang
> >>
> >>
> >> On Fri, Aug 7, 2009 at 5:22 AM, Rick Curtis<cu...@gmail.com> wrote:
> >> >
> >> > Yu Wang -
> >> >
> >> > OPENJPA-1089[1] wasn't your exact problem, but I want you to be aware
> >> that a
> >> > change was made.
> >> >
> >> > Thanks -
> >> > Rick
> >> >
> >> > [1] https://issues.apache.org/jira/browse/OPENJPA-1089
> >> > --
> >> > View this message in context:
> >>
> http://n2.nabble.com/How-to-encrypt-DB-password-in-persistence.xml-tp2868212p3400811.html
> >> > Sent from the OpenJPA Users mailing list archive at Nabble.com.
> >> >
> >>
> >
>
Re: How to encrypt DB password in persistence.xml
Posted by wang yu <wa...@gmail.com>.
Mike,
Thanks a lot!
Since I used DBCP datasource as following:
<property name="openjpa.ConnectionProperties"
value="driverClassName=oracle.jdbc.driver.OracleDriver,
url=jdbc:oracle:thin:@localhost:1521:orcl, username=XXX, password=XXX,
maxActive=8, maxWait=10000, poolPreparedStatements=true" />
May I encrypt a sub string of property value rather than full
property value string?
Anyway, when will this feature be available? In a new release or a
rolling patch?
Regards,
Yu Wang
On Fri, Aug 7, 2009 at 9:33 PM, Michael Dick<mi...@gmail.com> wrote:
> Hi Yu,
>
> At the moment our support allows you to specify an 'Encryption Provider'
> which handles the encryption / decryption of a password. We aren't providing
> a tool to do the actual encryption - just a plugin point for other tools.
>
> It sounds like you have written the encryption code in your extension for
> DBCP so it should be fairly easy to wrap in an encryption provider.
>
> Hope this helps,
> -mike
>
> On Fri, Aug 7, 2009 at 1:25 AM, wang yu <wa...@gmail.com> wrote:
>
>> Rick,
>> Thank you for your information. I have resolved this issue by
>> modifying dbcp source code.
>> The bad part is dbcp can be built with jdk 1.4 only which made build
>> system little bit complicated:-)
>>
>> If you can deliver encryption feature in next release, I'll be very
>> pleased to use it.
>>
>> Regards,
>> Yu Wang
>>
>>
>> On Fri, Aug 7, 2009 at 5:22 AM, Rick Curtis<cu...@gmail.com> wrote:
>> >
>> > Yu Wang -
>> >
>> > OPENJPA-1089[1] wasn't your exact problem, but I want you to be aware
>> that a
>> > change was made.
>> >
>> > Thanks -
>> > Rick
>> >
>> > [1] https://issues.apache.org/jira/browse/OPENJPA-1089
>> > --
>> > View this message in context:
>> http://n2.nabble.com/How-to-encrypt-DB-password-in-persistence.xml-tp2868212p3400811.html
>> > Sent from the OpenJPA Users mailing list archive at Nabble.com.
>> >
>>
>
Re: How to encrypt DB password in persistence.xml
Posted by Michael Dick <mi...@gmail.com>.
Hi Yu,
At the moment our support allows you to specify an 'Encryption Provider'
which handles the encryption / decryption of a password. We aren't providing
a tool to do the actual encryption - just a plugin point for other tools.
It sounds like you have written the encryption code in your extension for
DBCP so it should be fairly easy to wrap in an encryption provider.
Hope this helps,
-mike
On Fri, Aug 7, 2009 at 1:25 AM, wang yu <wa...@gmail.com> wrote:
> Rick,
> Thank you for your information. I have resolved this issue by
> modifying dbcp source code.
> The bad part is dbcp can be built with jdk 1.4 only which made build
> system little bit complicated:-)
>
> If you can deliver encryption feature in next release, I'll be very
> pleased to use it.
>
> Regards,
> Yu Wang
>
>
> On Fri, Aug 7, 2009 at 5:22 AM, Rick Curtis<cu...@gmail.com> wrote:
> >
> > Yu Wang -
> >
> > OPENJPA-1089[1] wasn't your exact problem, but I want you to be aware
> that a
> > change was made.
> >
> > Thanks -
> > Rick
> >
> > [1] https://issues.apache.org/jira/browse/OPENJPA-1089
> > --
> > View this message in context:
> http://n2.nabble.com/How-to-encrypt-DB-password-in-persistence.xml-tp2868212p3400811.html
> > Sent from the OpenJPA Users mailing list archive at Nabble.com.
> >
>
Re: How to encrypt DB password in persistence.xml
Posted by wang yu <wa...@gmail.com>.
Rick,
Thank you for your information. I have resolved this issue by
modifying dbcp source code.
The bad part is dbcp can be built with jdk 1.4 only which made build
system little bit complicated:-)
If you can deliver encryption feature in next release, I'll be very
pleased to use it.
Regards,
Yu Wang
On Fri, Aug 7, 2009 at 5:22 AM, Rick Curtis<cu...@gmail.com> wrote:
>
> Yu Wang -
>
> OPENJPA-1089[1] wasn't your exact problem, but I want you to be aware that a
> change was made.
>
> Thanks -
> Rick
>
> [1] https://issues.apache.org/jira/browse/OPENJPA-1089
> --
> View this message in context: http://n2.nabble.com/How-to-encrypt-DB-password-in-persistence.xml-tp2868212p3400811.html
> Sent from the OpenJPA Users mailing list archive at Nabble.com.
>