You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user-java@ibatis.apache.org by Lindsay Oproman <lo...@gmail.com> on 2007/11/19 22:55:52 UTC

ibatis security question

Hello,

When I deploy my application, is there any way to protect the contents
of the XML
mappings holding the SQL? I don't want my end users having access
to my schema, or being able to change queries for that matter.

Lindsay

Re: ibatis security question

Posted by Jeff Butler <je...@gmail.com>.

For web applications, typically these files are usually stored un-jarred in
the WEB-INF\classes folder, or in a jar in the WEB-INF\lib folder.  End
users generally don't have access to these directories.

If you are doing a rich client application, then an educated user could
search through the JAR and find the XML.  You could get around this with
some encryption/decryption of the files manually before passing them to
iBATIS.  iBATIS does not have native support for this.  In this case you
might want to try an obfuscator too if you are concerned about reverse
compilers.

Jeff Butler

On Nov 19, 2007 3:55 PM, Lindsay Oproman <lo...@gmail.com> wrote:

> Hello,
>
> When I deploy my application, is there any way to protect the contents
> of the XML
> mappings holding the SQL? I don't want my end users having access
> to my schema, or being able to change queries for that matter.
>
> Lindsay
>

Subquery with where clause

Posted by Vinaya Tirikkovalluru <vi...@converge.com>.

Hi,

 

I have this situation where I need to write a sub query.

 

The query would be similar to :

 

SELECT * 

  FROM table1 a

   AND EXISTS ( SELECT 1 

                  FROM Table2 b 

                 WHERE b.col1      = a.col1

                           AND b.col2 = a.col2

                   AND  b.col3 = ?

              )

 

This should be a dynamic query where the first query can have where
condition out of the Example class generated by Abator

 

Thanks

Vinaya



This electronic message is intended only for the use of the individual(s) or entity(ies) named above and may contain information which is privileged and/or confidential.  If you are not the intended recipient, be aware that any disclosure, copying, distribution, dissemination or use of the contents of this message is prohibited.  If you received this message in error, please notify the sender immediately.