Hello I'm set up connection string manually - from application configuration file. I store encrypted passwords in it. So in iBATIS file connectionString attribute contains one space only.
You could ask password at runtime and concatenate it with the connection string. Connection string should be ready ;) (ends with 'password=') ConnectionString could be set via SqlMapper.DataSource.ConnectionString All SQL statements will be transferred via network in plaintext AFAIK so you should not care about it security ;) But if you still want to be secure - encrypt iBATIS config files before contribute it. You will need decrypt it in the runtime and configure iBATIS with SqlMapper.Configure that takes XmlDocument as parameter. Good luck > -----Original Message----- > From: Pablo Lopez [mailto:[EMAIL PROTECTED] > Sent: Wednesday, January 12, 2005 2:49 PM > To: ibatis-user-cs@incubator.apache.org > Subject: plaintext passwords and exposed sql in configuration files > > Hi everybody, > > I'm new in using iBatis and I've managed to make it up and running, > providing excellent features. > > But there's one problem that I've come across: the username > and password > used for the connection with the database are stored in plaintext, > either in the sqlmap.config or in the providers.config files, as also > all the SQL is in the datamaps. ___________________________________________________________________________ This communication is confidential and may be legally privileged. If you believe you are not an intended recipient, please inform the sender, delete the e-mail and do not copy, print or use it or disclose it to others. You can inform the sender by replying to this e-mail or by telephone (+380 44 4906080).
