Ok forget my solution :D
Tuna Toksöz Eternal sunshine of the open source mind. http://devlicio.us/blogs/tuna_toksoz http://tunatoksoz.com http://twitter.com/tehlike On Wed, Aug 25, 2010 at 11:28 AM, Sal <[email protected]> wrote: > Don't think I've entirely rules that out ;) What about selects? > > > On Aug 25, 11:25 am, Tuna Toksoz <[email protected]> wrote: > > I hate to say that, but you can perhaps use a trigger on insert, and use > an > > iusertype on update. > > > > Tuna Toksöz > > Eternal sunshine of the open source mind. > > > > > http://devlicio.us/blogs/tuna_toksozhttp://tunatoksoz.comhttp://twitter.com/tehlike > > > > On Wed, Aug 25, 2010 at 11:23 AM, Sal <[email protected]> wrote: > > > Frans, > > > > > Yes. My point was, how do I get NH to use a sql function to perform > > > the encryption/decrypted when generating sql. There doesn't seem to be > > > an easy way, shy of using stored procs instead of NH generated SQL. > > > > > On Aug 25, 11:14 am, "Frans Bouma" <[email protected]> wrote: > > > > Isn't that client-side (right before the save) ? > > > > > > Column encryption has to take place on the server side you can use > the > > > key > > > > pair stored inside SQLServer, so other apps can decrypt the same data > > > > > > FB > > > > > > > Use an encrypted string IUserType. > > > > > > > http://code.google.com/p/unhaddins/source/browse/trunk/uNhAddIns/uNhA...> > > > serTypes/EncryptedString.cs?r=365 > > > > > > < > http://code.google.com/p/unhaddins/source/browse/trunk/uNhAddIns/uNhA. > > > .. > > > > > > > UserTypes/EncryptedString.cs?r=365> > > > > > > > On Wed, Aug 25, 2010 at 9:47 AM, Sal <[email protected]> > wrote: > > > > > > > It's not really open ended. SQL Server 2005 introduced column > level > > > > > encryption. The typical way for working with encrypted columns > is to > > > > > use a sql function for encryption and decryption. > > > > > > > Take a simple example. I have a property "Address" which is a > > > > string. > > > > > It needs to be encrypted in the DB using column level > encryption. > > > > > When > > > > > I retrieve it, I somehow need to use a sql function to decrypt, > and > > > > > likewise encrypt when inserting it. It's horrendously ugly > because > > > > it > > > > > bleeds through and affects the application. The app has to deal > with > > > > > SQLs encryption....crappy!. > > > > > > > I 'could' propose that the encryption is done in the app. Using > that > > > > > approach, it would be easier working with NH for sure. > > > > > > > On Aug 25, 10:38 am, John Davidson <[email protected]> > wrote: > > > > > > Potentially you did not get an answer because the question is > too > > > > > open > > > > > > ended. > > > > > > > > Encrypting and decrypting values in an object can be easily > > > > handled > > > > > in a > > > > > > number of ways, with or without NHibernate. The real issues > are > > > > how > > > > > are you > > > > > > going to query the data and how do you manage relations. > > > > > > > > If you are encrypting the Id values as they are stored that > > > > creates > > > > > one set > > > > > > of problems, but as this data is not business data does it > need to > > > > > be > > > > > > encrypted? > > > > > > > > Encrypting the business data becomes a problem when you want > to > > > > > search for > > > > > > partial string values. This can only be done if all rows are > held > > > > > in a cache > > > > > > in unencrypted format. Can your system handle this kind of > > > > caching? > > > > > Is it > > > > > > allowed by the business? > > > > > > > > Answering these questions will begin to put bounds on the > problem > > > > > space and > > > > > > then you may get better answers. > > > > > > > > John Davidson > > > > > > > > On Wed, Aug 25, 2010 at 10:20 AM, Sal <[email protected] > > > > > > > wrote: > > > > > > > OK, here goes. This topic has come up several times over the > > > > past > > > > > few > > > > > > > years, with no real solid answer. I'm hoping maybe this time > > > > > there we > > > > > > > will be some help. > > > > > > > > > I have the unfortunate experience of dealing with a client > who > > > > > insists > > > > > > > on using column level encryption in sql server, not just the > > > > > newer > > > > > > > TDE. This usually means using a sql function to > encrypt/decrypt > > > > > the > > > > > > > column during queries and inserts/updates. Is there any > guidance > > > > > > > around implementing this with Nhibernate....without > sprocs??? > > > > > > > > > -- > > > > > > > You received this message because you are subscribed to the > > > > > Google Groups > > > > > > > "nhusers" group. > > > > > > > To post to this group, send email to > [email protected]. > > > > > > > To unsubscribe from this group, send email to > > > > > > > > > > > > > > [email protected]<nhusers%[email protected]> > <nhusers%[email protected]<nhusers%[email protected]> > > > > > > > <mailto:nhusers%[email protected]<nhusers%[email protected]> > <nhusers%[email protected]<nhusers%[email protected]> > > > > > > > > > <nhusers%[email protected]<nhusers%[email protected]> > <nhusers%[email protected]<nhusers%[email protected]> > > > > > > > <mailto:nhusers%[email protected]<nhusers%[email protected]> > <nhusers%[email protected]<nhusers%[email protected]> > >> > > > > > > > > > . > > > > > > > For more options, visit this group at > > > > > > >http://groups.google.com/group/nhusers?hl=en. > > > > > > > -- > > > > > You received this message because you are subscribed to the > Google > > > > > Groups "nhusers" group. > > > > > To post to this group, send email to [email protected]. > > > > > To unsubscribe from this group, send email to > > > > > [email protected]<nhusers%[email protected]> > <nhusers%[email protected]<nhusers%[email protected]> > > > > > > > <mailto:nhusers%[email protected]<nhusers%[email protected]> > <nhusers%[email protected]<nhusers%[email protected]> > >> > > > . > > > > > For more options, visit this group at > > > > >http://groups.google.com/group/nhusers?hl=en. > > > > > > > -- > > > > > You received this message because you are subscribed to the Google > > > Groups > > > > > "nhusers" group. > > > > > To post to this group, send email to [email protected]. > > > > > To unsubscribe from this group, send email to > > > > > [email protected]<nhusers%[email protected]> > <nhusers%[email protected]<nhusers%[email protected]> > > > > > . > > > > > For more options, visit this group at > > > > >http://groups.google.com/group/nhusers?hl=en. > > > > > -- > > > You received this message because you are subscribed to the Google > Groups > > > "nhusers" group. > > > To post to this group, send email to [email protected]. > > > To unsubscribe from this group, send email to > > > [email protected]<nhusers%[email protected]> > <nhusers%[email protected]<nhusers%[email protected]> > > > > > . > > > For more options, visit this group at > > >http://groups.google.com/group/nhusers?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "nhusers" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<nhusers%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/nhusers?hl=en. > > -- You received this message because you are subscribed to the Google Groups "nhusers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nhusers?hl=en.
