After reading Pete Finnigan's comment about my custom JDBC URL provider sample code, I've updated the example code to make it more clear that it's not really my intention that you'd hard-code the username/password in the class. I've just provided the ingredients that you can run with to build a more interesting (and secure) alternative. The comment in the source now reads:
* NOTE: You could modify this example to read this connection
* ---- information from some alternative location such as a properties
* file in the classpath, a custom repository, or something else.
*
* The security of your deployment obviously improves if you are
* working with encrypted password information when you implement
* your solution based on this example. The more interesting
* alternative source and eventual decrypting of the stored password
* are left as exercises for the reader.
8:15:52 PM 
|
