Enterprise JavaBeans 3.1, 6th Edition

by Andrew Lee Rubinger, Bill Burke
September 2010
Content level: Intermediate to advanced
766 pages
18h 35m
English
O'Reilly Media, Inc.

Example: The EncryptionEJB

Often we write applications that require users to choose a password or enter a credit card number. Storing this sensitive data in its raw form (called cleartext) represents a security risk: if someone were to gain unauthorized access to our database, he or she could query for this information and we’d be liable for any damage done. A nice alternative to persisting these fields in human-legible format is to encrypt them using our application. Because this is a simple request-response model requiring no conversational state, the stateless session bean is ideally suited to handle these requirements efficiently. Other EJBs or standalone clients may later leverage the generic encryption service we provide in this component.

The EncryptionEJB example is discussed in full detail in Appendix B.

There are two techniques we’ll consider:

  • Cryptographic hashing

  • Cipher-based symmetrical encryption

Cryptographic hashing is the process in which some input is transformed into a reproducible, fixed-size result. The algorithm is unidirectional, meaning that it's not feasible to recover the original input from the output. By storing only the hash of each password, we may compare the hash of a login attempt against the stored value (see Figure 5-3).


Figure 5-3. Comparing input with a hash of the expected result

Sometimes we need to be able to get the cleartext back out of ...


ISBN: 9781449399139