Internal representation of statements and results when typehandlers are used (are they ever set as strings? )

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Internal representation of statements and results when typehandlers are used (are they ever set as strings? )

Liam Ryan
We're using mybatis to query a database which includes sensitive information. Security best practices recommend storing sensitive information in char[] and nulling the array as soon as possible. This brought up several questions regarding mybatis 

1. When using a typehandler internally is the original data ever stored as a String? 
2. When executing a query by using the @Select annotation and a map ( including the char[] ) is the query ever parsed to a String as an intermediate step? 
3. Are the results from the database ever set to Strings as an intermediate step ( pretty similar to 1. but it could be possible that the data is never stored as a string, maybe it's cast to a String for some operation? Could be that the entire result comes back as a String initally?  ) 

I had a look through the source but it would take me a long time to go through everything, I'm hoping someone who contributes to mybatis might be able to clarify. 

Thanks, 
Liam

--
You received this message because you are subscribed to the Google Groups "mybatis-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.
Loading...