Q: How to secure the credentials in a Java application

I am searching for a way to secure the credentials that are used to communicate with other services. I have stored all the credentials in a property file and I am fetching them from that file, which is not the right way of doing it. One thing I can do is store the credentials in encrypted format, fetch the encrypted value and decrypt it to get the real value, or use preferences to store these credentials. Does anyone have a better way of doing this?

answer1:

Have a read into Java's support for key stores.

http://docs.oracle.com/javase/7/docs/api/java/security/KeyStore.html https://www.digitalocean.com/community/tutorials/java-keytool-essentials-working-with-java-keystores
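
A sketch of the key store approach suggested in this answer, added here as an example (it is not code from the answer's author): a service password is stored as a secret-key entry in a PKCS12 key store and read back at runtime. It assumes Java 8 or later; the file name `credentials.p12`, the alias `billing-api` and the environment variable `KEYSTORE_PASS` are hypothetical, and the secret is a constructed sample.

```java
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.util.Arrays;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class CredentialStore {
    // Store a service password under an alias, creating the keystore file if needed.
    static void put(Path file, char[] storePass, String alias, char[] secret) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        if (Files.exists(file)) {
            try (InputStream in = Files.newInputStream(file)) { ks.load(in, storePass); }
        } else {
            ks.load(null, storePass); // initialise an empty keystore
        }
        // Wrap the password as a PBE secret key so it can be held in a SecretKeyEntry.
        SecretKey key = SecretKeyFactory.getInstance("PBE").generateSecret(new PBEKeySpec(secret));
        ks.setEntry(alias, new KeyStore.SecretKeyEntry(key), new KeyStore.PasswordProtection(storePass));
        try (OutputStream out = Files.newOutputStream(file)) { ks.store(out, storePass); }
    }

    // Read the password back; the caller should wipe the returned array after use.
    static char[] get(Path file, char[] storePass, String alias) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(file)) { ks.load(in, storePass); }
        SecretKey key = (SecretKey) ks.getKey(alias, storePass);
        if (key == null) throw new IllegalArgumentException("no entry for alias " + alias);
        SecretKeyFactory f = SecretKeyFactory.getInstance(key.getAlgorithm());
        return ((PBEKeySpec) f.getKeySpec(key, PBEKeySpec.class)).getPassword();
    }

    public static void main(String[] args) throws Exception {
        // Assumption: the keystore password comes from the environment, not the properties file.
        String env = System.getenv("KEYSTORE_PASS");
        if (env == null) throw new IllegalStateException("KEYSTORE_PASS is not set");
        char[] storePass = env.toCharArray();
        Path file = Paths.get("credentials.p12");
        put(file, storePass, "billing-api", "constructed-sample-secret".toCharArray());
        char[] secret = get(file, storePass, "billing-api");
        System.out.println("loaded " + secret.length + " chars for billing-api");
        Arrays.fill(secret, '\0'); // wipe sensitive arrays once they are no longer needed
        Arrays.fill(storePass, '\0');
    }
}
```

The key store file is only as well protected as its password, so restrict read access to the file and supply the password from outside the application's configuration.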

answer2:

In a first simple approach, I think you could try hashing/digesting encryption, that is, you could use MD5, SHA1, SHA256, ... to obtain a digest that can't be unencrypted.

Then, when you want to check someone's credentials, you must obtain a digest of the credentials provided and check it against the previously stored digest.

This is a more secure way, it is relatively simple and you can keep using a file to store encrypted digests.

Here you are with an MD5 and/or SHA sample that uses org.apache.commons.codec.digest.DigestUtils from Apache Commons Codec:

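import org.apache.commons.codec.digest.DigestUtils;
// clearPass is a String holding the clear-text password
String digestedSHA = DigestUtils.sha256Hex(clearPass);
String digestedMD5 = DigestUtils.md5Hex(clearPass);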

It is easy and straightforward. Of course there are more advanced options. Maybe you can start with this.

Hope it helps!

java  rest