0

I want to know which would be the best java encryption type I can use to secure my application authentication details. In my application I have to use credentials for database and one application. I am putting it in one properties file.

db_username = abc
db_password = password

If I dont want my password to be visible in properties file. But I cant hardcode it in my application. Its a command prompt application and run using script which runs it automatically. What are the available encryption methods I can use?

Thanks..

xlecoustillier
  • 15,863
  • 14
  • 60
  • 82
DMS
  • 788
  • 2
  • 18
  • 33

1 Answers1

1

You could take the username and password as arguments to your program, which you would call like this for example:

java -jar yourProgram -user john -pass 1234

You then move the security issue to the OS (make sure your batch is only accessible by authorised users).

Alternatively you can pass a properties file, which you place is a secure location.

See also this related post.

Community
  • 1
  • 1
assylias
  • 310,138
  • 72
  • 642
  • 762
  • Thanks for your reply, Actually I can not go with this option as end user will not agree on it. I will have to do it with the same approach.. Still trying to give them few option out of which they may accept any one.. – DMS Jul 23 '13 at 13:17
  • In the end if you just encrypt the file, you will need to decrypt it and someone smart enough will be able to do the same. – assylias Jul 23 '13 at 13:27