Page History
...
| Anchor | ||||
|---|---|---|---|---|
|
JS7 - JITL Database Jobs can can access a Credential Store in the following ways:
...
The Hibernate access layer is used for database access and frequently requires is used with database credentials. The access information such as accounts, passwords and JDBC URLs etc. are specified with the Hibernate configuration files.
Generally it is preferable not to directly use passwords to access a database but to use Integrated Security, Oracle Wallet etc. However, should there be a need to specify passwords then instead of using a plain text password in a configuration file you users can add your a password to a KeePass Credential Store and add a reference for to the Credential Store to your their Hibernate configuration file. This applies to the following JITL Database Jobs:
...
The full syntax is used when the complete URI is specified with each element of the Hibernate configuration file:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<hibernate-configuration>
<session-factory>
...
<property name="hibernate.connection.username">cs://secret/database/reporting@user?file=./config/secret.kdbx</property>
<property name="hibernate.connection.password">cs://secret/database/reporting@password?file=./config/secret.kdbx</property>
<property name="hibernate.connection.url">cs://secret/database/reporting@url?file=./config/secret.kdbx</property>
...
</session-factory>
</hibernate-configuration |
...
References to a Credential Store
References to a credential store Credential Store can be directly specified from arguments.
...
References to a Credential Store
References to a credential store Credential Store can be directly specified from arguments.
...
The full syntax is used when the complete URI is specified with an argument, for example:
Name | Purpose | Example |
|---|---|---|
| This argument specifies the user account to be used when connecting to the SSH server. |
|
| This argument specifies the user account's password for authentication by the SSH server and has to be specified if the password authentication method is specified with the | cs://jobs/ssh/ssh.sos-berlin.com@password?file=./config/jobs.kdbx |
| This argument specifies the path and name of a private key file used for authentication with an SSH server. This argument has to be specified if the publickey authentication method is specified with the |
|
proxy_user | The value of this argument specifies the user account for authentication with the proxy server that is used to connect to the SSH server. | cs://jobs/ssh/ssh-proxy.sos-berlin.com@user?file=./config/jobs.kdbx |
proxy_password | This argument specifies the password for the proxy server user account if a proxy is used to connect to the SSH server. | cs://jobs/ssh/ssh-proxy.sos-berlin.com@password?file=./config/jobs.kdbx |
Explanation:
- The
jobs/mail/ssh.sos-berlin.com xvalue is an example for a path to an entry in the KeePass database that holds the credentials. - The
./config/jobs.kdbxvalue is an example for a relative path to the KeePass database that holds the Credential Store.
...
The short syntax can be used if arguments are specified with references to the Credential Store location, for example:
Name | Example |
|---|---|
|
|
| cs://jobs/ssh/ssh.sos-berlin.com@password |
| cs://jobs/ssh/ssh.sos-berlin.com@attachment |
credential_store_file | ./config/jobs.kdbx |
credential_store_key_file | ./config/jobs.key |
credential_store_password | secret |
credential_store_entry_path | /jobs/ssh |
Overview
Content Tools