Secure JDBC connection

I'm a .NET dev, but I've run into the exact same situation.

Last year I was working at a company that had to be PCI compliant to store credit card data, so security was a big deal. The URL/login data has to exist somewhere. The most common method I've seen for securing it is with encryption. I don't know about Java in particular, but .NET has several encryption namespaces in the core Framework. We used these to encrypt the database logins.

You still have a potential security vulnerability, which are the encryption keys used to encrypt/decrypt the data. We used the PCI "compensating controls" method here. Access to the keys is restricted to "key management" role. We also tracked access of the key itself so that there was a record of all user-initiated and system-initiated access. No one user had access to these logs, so there could be no covering of tracks by a single user. These overlapping security methods essentially create a situation where nothing less than a coordiated conspiracy between multiple administrators is required to put the data in jeopardy.

If you aren't willing to store it, you have to prompt for it. You could encrypt the password, but then you have to have a key to decrypt it and you are stuck in the same problem.

One of the common solutions to this problem for server based applications is to store the username and password in a file that has user permissions set in such a way that only the executing user of the application/service can read its contents.

For example, you run your application as user foo-service and it inherits all of the access privileges of the foo-service user. The file containing the username and password is only readable by that user. You read the value from the file and connect to the database as normal.

Possible problems with this approach:

• The superuser of this machine may be able to get the password to the database.
• An attacker who has penetrated your application security can get access to the database credentials.

The above problems are normally mitigated by tuning the access privileges for the application to the database and the network. Nearly any other solution you come up will get you into a chicken-and-egg problem because you are basically trying to hide something from itself.

The best way would be to store the information as a configured data source in the JNDI context of your application server. You can then use the facilities of the application server to configure data sources at deployment time. All the application has to do is look up the appropriate JNDI name at runtime and use that. This is a common pattern for Java web applications.

Use web services to separate your application from the server doing the database access. Sign your web application and then only allow a properly signed application to call the web services server.

You can try to load a file using system properties. -Dapplication.configuration=application.properties.

When the property file is not passed then the you should use default file with default config.

When the file exists you override the defaults with the values provided from configuration.

java -Dlog4j.configuration=file:/log4j.properties -Dapplication.configuration=file:/live-conf.conf -jar app.jar "applicationarg1" "applicationarg1"

More sources to follow: https://docs.oracle.com/javase/tutorial/essential/environment/properties.html

How to override system properties:

-Dproperty=value Set a system property value. If value is a string that contains spaces, you must enclose the string in double quotes:

http://docs.oracle.com/javase/6/docs/technotes/tools/windows/java.html