Java - encrypt / decrypt user name and password from a configuration file

Posted by nzpcmad on Stack Overflow See other posts from Stack Overflow or by nzpcmad
Published on 2008-12-03T22:39:10Z Indexed on 2010/04/23 20:23 UTC
Read the original article Hit count: 308

Filed under:

java

|

configuration-files

|

encryption

We are busy developing a Java web service for a client. There are two possible choices:

Store the encrypted user name / password on the web service client. Read from a config. file on the client side, decrypt and send.
Store the encrypted user name / password on the web server. Read from a config. file on the web server, decrypt and use in the web service.

The user name / password is used by the web service to access a third-party application.

The client already has classes that provide this functionality but this approach involves sending the user name / password in the clear (albeit within the intranet). They would prefer storing the info. within the web service but don't really want to pay for something they already have. (Security is not a big consideration because it's only within their intranet).

So we need something quick and easy in Java.

Any recommendations?

The server is Tomkat 5.5. The web service is Axis2.

What encrypt / decrypt package should we use?
What about a key store?
What configuration mechanism should we use?
Will this be easy to deploy?

© Stack Overflow or respective owner

Related posts about java

Tomcat 6: Access Control Exception?

as seen on Server Fault - Search for 'Server Fault'
I'm trying to setup a tomcat6 server, and I'm trying to match another setup someone else established. However, my deployment (default Ubuntu install) uses a policy.d/ directory structure, and the established server just uses a catalina.policy file. I've tried setting every entry in policy.d to match… >>> More
Problem in creation MDB Queue connection at Jboss StartUp

as seen on Stack Overflow - Search for 'Stack Overflow'
I am not able to create a Queue connection in JBOSS4.2.3GA Version & Java1.5, as I am using MDB as per the below details. I am putting this MDB in a jar file(named utsJar.jar) and copied it in deploy folder of JBOSS, In the test env. this MDB works well but in another env. [ env settings and… >>> More
failing to establish connection between Postgres db and gwt

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I am using Postgres and gwt 2.0 for one of my applications. I am facing problem connecting to the database. When I try to connect it gives "ClassNotFoundException". Here is what I get when I try to connect to database: java.lang.ClassNotFoundException: org.postgresql.Driver at java.net… >>> More
failing to establish connection between postgre db and gwt

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, For i am using postgre and gwt 2.0 for one of my applications. I am facing problem connecting to the database. When i try to connect it gives "ClassNotFoundException". Here is what i get when i try to connect to database: java.lang.ClassNotFoundException: org.postgresql.Driver at java.net… >>> More
Migration and deployement problems JBoss 4.2.2.GA to JBoss 6.0.0.M2

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I'm trying to migrate an application running on JBoss 4.2.2.GA to JBoss 6.0.0.M2 I give you some log to explain my problem : boot.log : 2010-03-16 09:59:29,406 ERROR [org.jboss.system.server.profileservice.ProfileServiceBootstrap] (Thread-2) Failed to load profile: Summary of incomplete deployments… >>> More

Related posts about configuration-files

API for parse/update UNIX configuration files

as seen on Stack Overflow - Search for 'Stack Overflow'
Unix configuration files come in all shapes and forms. I know that Webmin has a Perl API that makes it easy to parse and modify most common configuration pro grammatically, while preserving changes that might have been made by hand. Are there any other libraries that has similar functionality, perhaps… >>> More
Nesting Levels in Custom Section Handlers in .NET Configuration Files

as seen on Stack Overflow - Search for 'Stack Overflow'
I know I can have 1 parent element and 1 child element in my own custom app.config section like so: <sectionGroup> <section> <element /> </section> </sectionGroup> My question is, can I have one or more levels of nesting more than this? Like so: <biggestSectionGroup> <biggerSectionGroup> <sectionGroup> … >>> More
linux passwords in configuration files

as seen on Super User - Search for 'Super User'
Some programs on linux that use configuration files, want me to enter my password in plain text in one of their configuration files. For example newsbeauter, the rss reader wants me to enter my google account password in a ~/.newsbeauter/config if I want to read google reader feeds. Mutt also sort… >>> More
TeamCity swap configuration files

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi! I have been using CC.NET for a while and decided to try Team City. The initial and default configuration is very easy, but how do I swap configuration files after code is checked out and before unit tests are run. I am using TFS, NUnit. 1. When working locally I have configuration file pointing… >>> More
Configuration files for C in linux

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I have an executable that run time should take configuration parameters from a script file. This way I dont need to re-compile the code for every configuration change. Right now I have all the configuration values in a .h file. Everytime I change it i need to re-compile. The platform is C,… >>> More