2

I want to encrypt/hide my connection string in my database.java class. I allready searched the internet but I didn't find anything usefull, maybe I searched the wrong keywords? Here is my current code.

conn = DriverManager.getConnection("jdbc:mysql://database/db", "username", "password");

How can I hide the username and password? So only my application can see it? And you can't see it when you extract the jar?

Thanks.

Vincent van der Linden
  • 219
  • 1
  • 4
  • 10

2 Answers2

4

Encrypt the connection string is not what you need! I suppose you need a better way to store your password. For this you should store passwords, in a separate file that the application reads when it starts. That is the only real way to prevent the password from leaking as a result of decompilation.

See this answer : From a similar question

Community
  • 1
  • 1
COD3BOY
  • 11,964
  • 1
  • 38
  • 56
0

you can byte endcode the string in a method and make the method return a string. if you wish you could add your encryption alogrithm that extracts the actual string using the input bytess.

Sid Malani
  • 2,078
  • 1
  • 13
  • 13
  • as Sanjay points out below, that is a better approach. Use a encryption api to extract the username, pwd, url from a properties file that goes with your app. This way you can also implement some licensing features.. (which is a bit more complicated) – Sid Malani Nov 20 '11 at 16:54
  • One thing I'd like to add to this answer: avoid storing the encryption key with the encrypted data. – S.L. Barth is on codidact.com Nov 20 '11 at 17:03