Re: Enabling encryption using DataSource after creating a database

Mon, 20 Oct 2008 00:33:01 -0700 

Iwud H8u <[EMAIL PROTECTED]> writes:

> Hi All,
>
> I am using EmbeddedDataSource to create a database and in a separate step
> enable authentication and encryption on the database. I have enabled
> authentication using the following code:
>
>             // set authentication 
>             CallableStatement callableStatement = connection.prepareCall(""
> +
>                     "CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(?, ?)");
> //            callableStatement.setString(1,
> "derby.database.sqlAuthorization");
>             callableStatement.setString(1,
> "derby.connection.requireAuthentication");
>             callableStatement.setString(2, "true");
>             callableStatement.execute();
>
> However, I do not see a similar mechanism to enable encryption.

I think encryption can only be enabled when the database is being
created or booted. A stored procedure can only be called after the
database has been created/booted, so I guess that's why there's no
similar mechanism for encryption.

> So I tried
> the following code:
>
>         // get properties from props file
>         String sysDir = props.getProperty("derby.system.home");
>         String dbName = props.getProperty("database.name");
>
>         EmbeddedDataSource dataSource = new EmbeddedDataSource();
>         dataSource.setUser(userName);
>         dataSource.setPassword(password);
>         dataSource.setConnectionAttributes("dataEncryption=true");
>         dataSource.setConnectionAttributes("bootPassword="+password);
>        
> dataSource.setConnectionAttributes("encryptionAlgorithm=AES/CBC/NoPadding");

Each call to setConnectionAttributes() will overwrite the previous value
of the connection attributes field. Please try this instead:

String attrs = "dataEncryption=true;bootPassword=" + password +
               ";encryptionAlgorithm=AES/CBC/NoPadding";
dataSource.setConnectionAttributes(attrs);

> dataSource.setDatabaseName(sysDir+System.getProperty("file.separator")+dbName);
>
>         connection = dataSource.getConnection();
>
> But this does not seem to enable encryption because when I shut down the
> database and try to reconnect to it by passing it the wrong bootpassword/no
> bootpassword, it boots up the database. Is there any way of enabling
> encryption using EmbeddedDataSource?
>
> Thanks,
> Jay

-- 
Knut Anders

Reply via email to