How can I encrypt password in log4j.properties?
I don't think that is possible. Even if it's possilbe, consider the following:
If you can establish a connection by only providing an "encrypted password", it's like the password is not encrypted, because everyone who copies the encrypted password can connect and compromise your database. The only different is, that the password is presented in a different way and maybe less human readable, but still fully useful. Even if you implement some symetric unencription of the password in your code, if the attacker has access to your configuration file containing the encrypted password, it is very likely that he has also access to your code running on the same machine containing the unencryption algorithm and would be able to decompile and read the algorithm.
Better create a DB-User with restricted access rights to only write into the logging table. In this way a stolen password can't harm your database very much.
Thank God, Finally got some solution to keep encrypted password in Log4j.properties
What all we have to do is,
Replicate JDBCAppender
class of log4j.jar.
Modify the definition of
public void setPassword(String password)
{
this.databasePassword = password;
}
in JDBCAppender
according to your need And replace that class in log4j.jar.