0

I have a java class containing my Database settings (username, password). I want to use this class in all the packages of my plugin but I don't want it to be available to other plugins.

How can I do that? Removing the public attribute of the class hides it from all other packages and leaving it public exposes it to all other plugins wich is bad in my case.

Isn't there some kind of keyword like protected for functions and variables?

Markus
  • 1,452
  • 2
  • 21
  • 47
  • 3
    You shouldn't store username password (of whatever it is) in a Java class. – asgs Feb 12 '13 at 06:50
  • Please check this answer for a possible solution. http://stackoverflow.com/questions/442862/how-can-i-protect-mysql-username-and-password-from-decompiling/442872#442872 – Anupam Saini Feb 12 '13 at 06:58
  • Should it coincidentally be an OSGi or NetBeans plugin - they have a module system (OSGi: bundle) where on module level one may specify what is public, and hence what not. The only other - ugly - trick would be to use your own class loader/factory checking the caller, and check in the datasource class whether that class loader was used. Safe it is not against disassembly. – Joop Eggen Feb 12 '13 at 06:58
  • Yes it is an OSGi plugin. I used the eclipse RCP to write an application and want to distribute it now to clients so that they can develop their own plugins for it. What I don't want is to have them get access to the DB Settings of the core application since it contains licensing informations. I'll read about the module system a bit now. – Markus Feb 12 '13 at 07:13

2 Answers2

1

How can I do that?

Instead of having credentials in class, create a configuration file and use it in classes where required.

Azodious
  • 13,752
  • 1
  • 36
  • 71
0

If your database information is stored as plain text variables, it doesn't matter what visibility you set. Anyone interested will easily find those strings.

I'm not sure what you are plugging into, but most platforms that I have used have a way of stating which packages should be shared/hidden. This would be specific to the platform (Netbeans, Eclipse, etc...)

Aside from that, if you make your class/variables protected then only classes in the same package or which extend it would be able to use them. If no visibility modifier is set, then it defaults to package and use is restricted to classes in the same package.

Tim Bender
  • 20,112
  • 2
  • 49
  • 58