Cannot encrypt password in configuration file

Question

I\'m having trouble encrypting the database password in hibernate.cfg.xml

This is my property file.

Answer 1

You might try this:

StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
strongEncryptor.setPassword("jasypt");
strongEncryptor.setAlgorithm("PBEWITHMD5ANDDES");
HibernatePBEEncryptorRegistry registry =                          HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor);

Configuration configuration = new Configuration();
configuration.configure("hibernate.cfg.xml");
configuration.setProperty("hibernate.connection.password", strongEncryptor.decrypt(configuration.getProperty("hibernate.connection.password")));
ServiceRegistryBuilder serviceRegistryBuilder = new ServiceRegistryBuilder().applySettings(configuration.getProperties());
sessionFactory = configuration.buildSessionFactory(serviceRegistryBuilder.buildServiceRegistry());

Answer 2

http://www.jasypt.org/hibernate.html

Why not switch algorithms to: PBEWithMD5AndTripleDES

Take a look at this post on StackOverflow: Error implementing Jasypt with Hibernate 3 and Struts 2

Answer 3

This is not the proper way to do it but solves.

StandardPBEStringEncryptor encryptor =new StandardPBEStringEncryptor();
encryptor.setPassword("somePass");
encryptor.setAlgorithm("PBEWITHMD5ANDDES");
Configuration configuration = new Configuration().configure();
String pass=encryptor.decrypt(configuration.getProperty("hibernate.connection.password"));
configuration.setProperty("hibernate.connection.password",pass);   

And in hibernate.cfg

    <property name="connection.username">sa</property>
    <property name="connection.password">Nzuyhu5PJJwsVH3mdw==</property>