Hibernate数据库运行时密码
有没有办法在运行时询问数据库密码,而不是将其(加密或未加密)放在 hibernate.cfg.xml 文件中?
Is there a way to ask for the database password at runtime instead of putting it (encrypted or not) in the hibernate.cfg.xml file?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
Hibernate 中的几乎每个配置选项在所配置的对象上都有一个相应的方法。实际上,配置实际上只是将 XML 绑定到正在设置的对象的一种方法。有关详细信息,请参阅本文: http:// docs.jboss.org/hibernate/core/3.3/reference/en/html/session-configuration.html
也就是说,您有责任在启动时收集密码。这可能是问题中最困难的部分。收集密码后,请将其发送至相应的酒店。
Just about every configuration option in Hibernate has a corresponding method on the object being configured. In reality, the configuration is really just a way to bind XML to the objects being set up. See this article for more information: http://docs.jboss.org/hibernate/core/3.3/reference/en/html/session-configuration.html
That said, the onus is on you to collect the password at startup. That can be the most difficult part of the problem. Once you've collected the password, send it to the appropriate property.
如果您使用的是 Java EE 应用服务器,通常最好的方法是使用 JNDI 查找来获取数据库连接,而不是使用驱动程序管理器。这样,设置 JNDI 连接池的人是唯一需要知道密码的人,并且密码通常在管理控制台中进行加密,因此很安全。
Usually the best way to do it, if you're using a Java EE app server, is to use a JNDI look up to get the database connection instead of using a driver manager. That way the person who sets up the JNDI connection pool is the only one that has to know the password, and it's generally encrypted in the admin console so it's safe.
我认为如果您使用 Hibernate 配置的编程实例化,您可以从不包含密码的配置文件初始化它,在您实例化的配置对象上设置数据库连接的附加属性,然后调用 buildConfguration() 。
I think if you are using programmatic instantiation of the Hibernate configuration, you can initialize it from the configuration file that does not contain a password, set the additional property for the database connection on the configuration object you're instantiating, then call buildConfguration().