This Bugzilla instance is a read-only archive of historic NetBeans bug reports. To report a bug in NetBeans please follow the project's instructions for reporting issues.

Bug 180177 - Use Encryption API vs. scrambling algorithm.
Summary: Use Encryption API vs. scrambling algorithm.
Status: RESOLVED FIXED
Alias: None
Product: db
Classification: Unclassified
Component: Code (show other bugs)
Version: 7.0.1
Hardware: PC Windows Vista
: P3 normal (vote)
Assignee: Jiri Rechtacek
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-02-02 16:15 UTC by gliesian
Modified: 2012-10-06 18:51 UTC (History)
0 users

See Also:
Issue Type: ENHANCEMENT
Exception Reporter:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description gliesian 2010-02-02 16:15:15 UTC 
Text in the Connect to Database Dialog Box help screen reads: 

"Storing a password represents a potential security risk. Connection passwords are stored in an xml file in the config/Databases/Connections directory in the IDE user dir. Passwords are scrambled but they are not encrypted."

I'm not sure why the passwords are scrambled when encrypting the password with a simple API like JASYPT (http://www.jasypt.org/) can be done.

Actually, I did look at the saved 'scambled' password and it looks encrypted to me.  Was the code updated and not the documentation?
Comment 1 Jiri Rechtacek 2010-02-03 03:10:53 UTC 
Also tracked as issue 178169
Comment 2 matthias42 2012-10-06 18:51:55 UTC 
Closing as in netbeans 7.2 the mentioned paragraph is not present anymore.