Jasypt is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.
Features:
Steps to integrate jasypt with Hibernate:>
Assume we are using annotation based hibernate.
Configuring the Hibernate mapping
step1: @TypeDef(name ="encryptedString", typeClass = EncryptedStringType.class,
parameters = {
@Parameter(name = "encryptorRegisteredName", value="strongHibernateStringEncryptor")
}
)
entry on youjr domain class.
step2: @Type(type = "encryptedString"): put it like given on the fields to whom you want to encrypt(the records of the particular field will store in the derfined encrypted format in database)
step3: Providing the encryptor to Hibernate
you can make it in two ways: Using springs:
class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
PBEWithMD5AndTripleDES
jasypt
class="org.jasypt.hibernate.encryptor.HibernatePBEStringEncryptor">
strongHibernateStringEncryptor
without using springs:
StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
...
HibernatePBEEncryptorRegistry registry =
HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor);
step 4:
download the JCE(Java Cryptogrphy Extension files) from sun java site and replace(US_export_policy, local_policy) files with the existed jar
files in directory --> Java>jre1.5.0_16>lib>security><>
download Java Cryptogrphy Extension files
Now you can run your application.
Features:
- Jasypt follows the RSA standards for password-based cryptography, and provides you with both unidirectional and bidirectional encryption techniques.
- Open API for use with any JCE provider, and not only the default Java VM one. Jasypt can be easily used with well-known providers like Bouncy Castle. Learn more.
- Higher security for your users' passwords. Learn more.
- Binary encryption support. Jasypt allows the digest and encryption of binaries (byte arrays). Encrypt your objects or files when needed (for being sent over the net, for example).
- Number encryption support. Besides texts and binaries, it allows the digest and encryption of numeric values (BigInteger and BigDecimal, other numeric types are supported when encrypting for Hibernate persistence). Learn more.
- Completely thread-safe.
- Provides both easy, no-configuration encryption tools for users new to encryption, and also highly configurable standard encryption tools, for power-users.
- Hibernate 3 optional integration for persisting fields of your mapped entities in an encrypted manner. Encryption of fields is defined in the Hibernate mapping files, and it remains transparent for the rest of the application (useful for sensitive personal data, databases with many read-enabled users...). Encrypt texts, binaries, numbers, booleans, dates... Learn more.
- Seamlessly integrable into a Spring application. All the digesters and encryptors in jasypt are designed to be easily used (instantiated, dependency-injected...) from Spring. And, because of their being thread-safe, they can be used without synchronization worries in a singleton-oriented environment like Spring. Learn more.
- Spring Security (former Acegi Security) optional integration for performing password encryption and matching tasks for the security framework, improving the security of your users' passwords by using safer password encryption mechanisms and providing you with a higher degree of configuration and control. Learn more.
- Provides advanced functionality for encrypting all or part of an application's configuration files, including sensitive information like database passwords. Seamlessly integrate encrypted configuration into plain, Spring-based and/or Hibernate-enabled applications. Learn more.
- Provides easy to use CLI (Command Line Interface) tools to allow developers initialize their encrypted data and include encryption/decryption/digest operations in maintenance tasks or scripts. Learn more.
- Integrates into Apache Wicket, for more robust encryption of URLs in your secure applications.
- Comprehensive guides and javadoc documentation, to allow developers to better understand what they are really doing to their data.
- Robust charset support, designed to adequately encrypt and digest texts whichever the original charset is. Complete support for languages like Japanese, Korean, Arabic... with no encoding or platform issues.
- Very high level of configuration capabilities: The developer can implement tricks like instructing an "encryptor" to ask a, for example, remote HTTPS server for the password to be used for encryption. It lets you meet your security needs. Learn more.
Steps to integrate jasypt with Hibernate:>
Assume we are using annotation based hibernate.
Configuring the Hibernate mapping
step1: @TypeDef(name ="encryptedString", typeClass = EncryptedStringType.class,
parameters = {
@Parameter(name = "encryptorRegisteredName", value="strongHibernateStringEncryptor")
}
)
entry on youjr domain class.
step2: @Type(type = "encryptedString"): put it like given on the fields to whom you want to encrypt(the records of the particular field will store in the derfined encrypted format in database)
step3: Providing the encryptor to Hibernate
you can make it in two ways: Using springs:
class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
class="org.jasypt.hibernate.encryptor.HibernatePBEStringEncryptor">
without using springs:
StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
...
HibernatePBEEncryptorRegistry registry =
HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor);
step 4:
download the JCE(Java Cryptogrphy Extension files) from sun java site and replace(US_export_policy, local_policy) files with the existed jar
files in directory --> Java>jre1.5.0_16>lib>security><
download Java Cryptogrphy Extension files
Now you can run your application.
Comments