2020-06-30 12:48:07 +02:00
|
|
|
include::../description.adoc[]
|
|
|
|
|
|
|
|
|
|
include::../ask-yourself.adoc[]
|
|
|
|
|
|
|
|
|
|
include::../recommended.adoc[]
|
|
|
|
|
|
|
|
|
|
== Sensitive Code Example
|
|
|
|
|
|
|
|
|
|
----
|
|
|
|
|
Connection conn = null;
|
|
|
|
|
try {
|
|
|
|
|
conn = DriverManager.getConnection("jdbc:mysql://localhost/test?" +
|
|
|
|
|
"user=steve&password=blue"); // Sensitive
|
|
|
|
|
String uname = "steve";
|
|
|
|
|
String password = "blue";
|
|
|
|
|
conn = DriverManager.getConnection("jdbc:mysql://localhost/test?" +
|
|
|
|
|
"user=" + uname + "&password=" + password); // Sensitive
|
|
|
|
|
|
|
|
|
|
java.net.PasswordAuthentication pa = new java.net.PasswordAuthentication("userName", "1234".toCharArray()); // Sensitive
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
== Compliant Solution
|
|
|
|
|
|
|
|
|
|
----
|
|
|
|
|
Connection conn = null;
|
|
|
|
|
try {
|
|
|
|
|
String uname = getEncryptedUser();
|
|
|
|
|
String password = getEncryptedPass();
|
|
|
|
|
conn = DriverManager.getConnection("jdbc:mysql://localhost/test?" +
|
|
|
|
|
"user=" + uname + "&password=" + password);
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
include::../see.adoc[]
|
2021-06-02 20:44:38 +02:00
|
|
|
|
2021-06-03 09:05:38 +02:00
|
|
|
ifdef::env-github,rspecator-view[]
|
2021-06-02 20:44:38 +02:00
|
|
|
== Comments And Links
|
|
|
|
|
(visible only on this page)
|
|
|
|
|
|
|
|
|
|
include::comments-and-links.adoc[]
|
2021-06-03 09:05:38 +02:00
|
|
|
endif::env-github,rspecator-view[]
|
