One of the key runtime properties used to connect to an RDBMS from isCOBOL is the iscobol.jdbc.url (among others).
It is usually included in a text formatted properties file.
For example, the following properties would be included to connect to an Oracle DB.
It is clear that the user "orauser1" and the password "0raPw1" are visible at plain sight.
However, by leveraging the ability of isCOBOL to set runtime properties dynamically, those could be hidden following these tips.
1. Create an ISAM file to store the user and password, including 1 field for each one. For example.
05 db-user pic x(10).
05 db-password pic x(16).
2. Create an isCOBOL program to save the user and password on that ISAM file, just as you would save any other data on an indexed file.
Instead, for the password you may use the "a$encrypt" system routine to encrypt it before saving. See the following excerpt.
call "a$encrypt" using ws-password
3. Remove the iscobol.jdbc.url property from your text properties file.
4. On the connection program, before the CONNECT statement you will read the ISAM file and decrypt the password as follows.
call "a$decrypt" using db-password
5. Finally put together the jdbc.url property dynamically as follows, just before the CONNECT statement.
string "jdbc:oracle:thin:" delimited by size
db-user delimited by trailing spaces
"/" delimited by size
ws-password delimited by trailing spaces
set environment "jdbc.url"