We’ve been exploring how Hibernate ORM uses the password when creating an EntityManager. It appears that Hibernate stores the password in clear text (in memory) by transferring the properties into an instance of ServiceRegistryBuilder, then masking the properties in the EntityManagerFactoryImpl.
We are looking for a solution that enables us to send in an encrypted password for the database connection and have it used (in the clear) to connect, but stored in memory as an encrypted object like GuardedString or SecureString.
We have also looked at using something like this (but it appears that this is for encrypting/decrypting data (properties) exposed on an Entity, not the passwords used to connect):
// Jasypt password-based string encryptor
StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
strongEncryptor.setAlgorithm("PBEWithMD5AndDES");
strongEncryptor.setPassword("EncryptionPassword");
// Register the encryptor under the name that the Hibernate mappings refer to
HibernatePBEEncryptorRegistry registry = HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor("configurationHibernateEncryptor", strongEncryptor);
Can anyone here help us clarify if what we’re trying to do is possible?
Thank you!