How to protect username password in shared enviornment

Question

How to protect database username and password in shared hosting enviornment using spring

<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource" >
        <property name="driverClassName"><value>com.mysql.jdbc.Driver</value></property>
        <property name="url"><value>jdbc:mysql:///BUSINESS</value></property>
        <property name="username"><value>root</value></property>
        <property name="password"><value>password</value></property>            
    </bean>

Answer 1

I am not aware of any Spring specific solution for this.

In a shared hosting environment one should make sure that file's aren't public readable so other users can't view the content of you’re files. In case of a shared application server, the app server should be in the same group, so only the application server gets access to you’re files.

An application should never use a MySql root password. You should create an MySql account with limited rights on a specific schema (for example an user that can only do DML statements and not DDL statements).

To keep the username/password out of a plain text file you could hardcode the configuration in a Java class (This is basicaly security through obscurity). Replacement configuration:

<bean id="dataSource"
    class="my.app.CustomDriverManagerDataSource" > 
  <property name="driverClassName">
      <value>com.mysql.jdbc.Driver</value>
  </property> 
</bean>

And add this class to you're class path

import org.springframework.jdbc.datasource.DriverManagerDataSource;

public class CustomDriverManagerDataSource extends DriverManagerDataSource {

  public DriverManagerDataSource() {
    super("jdbc:mysql:///BUSINESS","root","password");
  }
}