11

I have an existing java webapp that uses Hibernate for it's persistence. I've been told that I have to have to talk to the DB encrypted - so my first thought is to set it up to do the communication via SSL - and went through figured out how to set up Oracle to listen for JDBC over SSL -

http://www.oracle.com/technology/tech/java/sqlj_jdbc/pdf/wp-oracle-jdbc_thin_ssl_2007.pdf

And wrote a quick test class to verify that it was setup and working (connecting via standard JDBC). That left me with the issue of configuring Hibernate - unfortunately I don't see how hibernate supports it?

Improve this question
1

5 Answers 5

Reset to default
5

Hibernate works with standard JDBC data sources, so there is no need for Hibernate-specific configuration.

Here's an quick example that should work when configuring Hibernate with Spring:

<bean id="dataSource" class="oracle.jdbc.pool.OracleDataSource">
    <property name="URL"><value><!-- JDBC URL that specifies SSL connection --></value></property>
    <!-- other relevant properties, like user and password -->
    <property name="connectionProperties>
        <value>
            oracle.net.ssl_cipher_suites: (ssl_rsa_export_with_rc4_40_md5, ssl_rsa_export_with_des40_cbc_sha)
            oracle.net.ssl_client_authentication: false
            oracle.net.ssl_version: 3.0
            oracle.net.encryption_client: REJECTED 
            oracle.net.crypto_checksum_client: REJECTED
        </value>
    </property>
</bean>

<bean id="sessionFactory" class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean">
    <property name="dataSource" ref="dataSource" />
    <!-- classes etc -->
</bean>
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

However I have to set some properties on the driver - using JDBC I can just do this : prop .setProperty("oracle.net.ssl_cipher_suites", "(ssl_rsa_export_with_rc4_40_md5, ssl_rsa_export_with_des40_cbc_sha)"); prop.setProperty("oracle.net.ssl_client_authentication", "false"); prop.setProperty("oracle.net.ssl_version", "3.0"); prop.setProperty("oracle.net.encryption_client", "REJECTED"); prop.setProperty("oracle.net.crypto_checksum_client", "REJECTED"); However how can I get thos properties associated with the driver through hibernate?
That depends how you are configuring Hibernate. I'll add an example that you can use with Spring in a moment.
If you are not using Spring, see Table 3.4 of the Hibernate docs: docs.jboss.org/hibernate/stable/core/reference/en/html/… - although I haven't tested it, it seems that you can pass JDBC properties to Hibernate just by adding hibernate.connection.* properties.
4

Try this:

    <property name="hibernate.dialect">org.hibernate.dialect.MySQLInnoDBDialect</property>
    <property name="hibernate.connection.driver_class">com.mysql.jdbc.Driver</property>
    <property name="hibernate.connection.url">jdbc:mysql://blablaba:8443/dbname?useSSL=true</property>
    <property name="hibernate.connection.verifyServerCertificate">false</property>
    <property name="hibernate.connection.requireSSL">true</property>
    <property name="hibernate.connection.autoReconnect">true</property>
    <property name="hibernate.connection.username">bablablab</property>
    <property name="hibernate.connection.password">clclclclc</property>

related links

http://www.razorsql.com/articles/mysql_ssl_jdbc.html

http://dev.mysql.com/doc/refman/5.0/en/connector-j-reference-using-ssl.html

http://www.javabeat.net/qna/164-hibernate-jdbc-and-connection-properties/

Improve this answer

1 Comment

I tried your configuration but it does not give me any effect .
2

Please add following property in Hibernate configuration file to enable SSL :

<property name="hibernate.connection.verifyServerCertificate">false</property> <property name="hibernate.connection.useSSL">true</property>

Improve this answer

2 Comments

Is there anything new in this answer that the other answers haven't already said?
The others answer used: <property name="hibernate.connection.requireSSL">true</property> But for my case it didn't worked. I have to use following to get it work : <property name="hibernate.connection.useSSL">true</property>
1

Should be handled by the driver but you may have to do some configuration. Oracle Docs

Improve this answer

Comments

0

I had the jdbcURL jdbc:postgresql://jdbcurl?sslmode=require&sslrootcert=location_to_cert1&sslcert=location_to_cert2&sslkey=location_to_cert3.

All I had to do was to replace all the & with &amp;.

My new jdbcURL looks like jdbc:postgresql://jdbcurl?sslmode=require&amp;sslrootcert=location_to_cert1&amp;sslcert=location_to_cert2&amp;sslkey=location_to_cert3

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.