I think I may have misinterpreted how the encryption works with Hibernate. I was testing with JUnit and when I did a user.getPassword() after previously saving the user with the password set, it returned the password in clear text. Is this the expected behaviour? Does the password get decrypted automatically?
I haven't had time to check into this by just actually saving the password to the DB and won't be able to work on this for the next week unfortunately.
I've also changed to using a digest instead of encruption which is workign nicely but is it possible to wire this up with Hibernate Annotations?
As for my application architecture, it's JSF, Spring 2.5 and Hibernate 3.2
Thanks
Hi
can you post more information on what is your application architecture? Are you using hibernate alone or is it in conjunction with Spring or Struts ?
Leo.
kchandler wrote:
Hi,
Did you manage to get this working? I'm having the same problem. I'm having to use the Spring method of encrypting the data, by injecting a HibernateSpringEncryptor into my bean and using that to do the encryption before setting it onto my domain object but I'd prefer to be able to get the Hibernate Annotation version working.
cassey wrote:
hi. i used the jasypt but the password wasn't encrypted when saved to the table
dont know what's wrong. please help.
here's my code
import org.hibernate.annotations.Parameter;
import org.hibernate.annotations.Type;
import org.hibernate.annotations.TypeDef;
import org.jasypt.hibernate.type.EncryptedStringType;
@Table(name = "STAFF")
@TypeDef(
name="encryptedString",
typeClass=EncryptedStringType.class,
parameters= {
@Parameter(name="encryptorRegisteredName", value="strongHibernateStringEncryptor")
}
)
public class Staff {
// other attributes ommited
@Column(name = "PASSWORD", nullable = false)
private String password;
@Type(type="encryptedString")
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
