0

I want to know which would be the best java encryption type I can use to secure my application authentication details. In my application I have to use credentials for database and one application. I am putting it in one properties file.

db_username = abc
db_password = password

If I dont want my password to be visible in properties file. But I cant hardcode it in my application. Its a command prompt application and run using script which runs it automatically. What are the available encryption methods I can use?

Thanks..

xlecoustillier
  • 16,183
  • 14
  • 60
  • 85
DMS
  • 808
  • 2
  • 20
  • 34

1 Answers1

1

You could take the username and password as arguments to your program, which you would call like this for example:

java -jar yourProgram -user john -pass 1234

You then move the security issue to the OS (make sure your batch is only accessible by authorised users).

Alternatively you can pass a properties file, which you place is a secure location.

See also this related post.

Community
  • 1
  • 1
assylias
  • 321,522
  • 82
  • 660
  • 783
  • Thanks for your reply, Actually I can not go with this option as end user will not agree on it. I will have to do it with the same approach.. Still trying to give them few option out of which they may accept any one.. – DMS Jul 23 '13 at 13:17
  • In the end if you just encrypt the file, you will need to decrypt it and someone smart enough will be able to do the same. – assylias Jul 23 '13 at 13:27