As the title indicates, I have the connection information to my database located in a .xml file. Here the full code of this file :
-
I can't figure out how to retrieve the information from my java code. (using JDBC)
As a first step, I started to develop a function that allows me to confirm the existence of the file.
Here a part of the code :
public String searchFile() throws Exception {
String retour = "ko";
File fichier;
for (File lment : File.listRoots()) {
fichier = new File(lment + "\\XFiles\\Conf\\init.xml");
if (fichier.exists()) {
cheminFichier=lment+"\\XFiles\\Conf\\init.xml";
retour = "ok";
}
}
return retour;
}
I'm open to any suggestion or idea which allows me to undertand and solve this problem.
解决方案
Java Naming and Directory Interface (JNDI)
Your XML looks like a definition file from a web container such as Apache Tomcat.
If so, you should be using the Java Naming and Directory Interface (JNDI) API built into Java to access the information indirectly.
Some people load the database info in an LDAP server or a similar directory service, reachable from your Java code via JNDI.
Tomcat and similar web containers bundle their own directory service, reached by your Java code via JNDI. The key idea here is no hard-coding of details that change at deployment time. Your web app code should not know anything about your particular web container, nor should your web app know anything about its configuration files. JNDI is the middle-man between your web app and the runtime deployment details. So when the database password changes, you need not re-compile your web app. When you or you admins change from Tomcat to Payara, for example, you need not re-compile your web app.
So you would not in your code be directly opening an XML file. That reading and parsing of the XML file is the job of your web container.
You would be asking the JNDI service to provide you with a DataSource object. From that data source, you call getConnection to connect to database. This puts all of the configuration info responsibility in the hands of the sysadmin. The configuration is transparent to you as the programmer.
As for encrypting the password in the Resource tag of your XML configuration file: You don‘t. If you search the Web you will find articles explaining that to some point your quest for protection must end. If you encrypt the password there, you must still have a decryption key somewhere. So you must protect that decryption key by encrypting it, which means you need to protect that second key. And so on, turtles all the way down. At some point you must have a locked-down system that is trustworthy.
Search Stack Overflow to learn more as this has been covered many times. The sister site Server Fault Stack Exchange might also have info.
扫一扫
2463
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
