You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@karaf.apache.org by vi...@wipro.com on 2015/03/24 12:43:11 UTC
Jasypt encrypted passwords for MS SQL Server DB
Facing an issue with connecting to an MS SQL server database using Jasypt encrypted passwords. Same code is working fine with a postgresql database with same userid/password. Database credentials are in a properties file loaded using configAdmin with blueprint. Properties file is as below
db1.driver=org.postgresql.Driver
db1.url=jdbc:postgresql://localhost:5432/db1
db1.user=user
db1.password=ENC(lkjalsdkalsdlksd;alk)
db2.driver=com.microsoft.sqlserver.jdbc.SQLServerDriver
db2.url=jdbc:sqlserver://localhost:1433;databaseName=db2
db2.user=user
db2.password=ENC(lkjalsdkalsdlksd;alk)
If I remove the ENC enclosure and provide the plain text password for SQL Server database, everything is fine. Any issue reported specific to MS SQL Server ?
-Vinu
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com
RE: Jasypt encrypted passwords for MS SQL Server DB
Posted by vi...@wipro.com.
Does the placement of "enc:property-placeholder" matters in the blueprint.xml ?
The issue I faced with respect to SQL Server login with encrypted password was originated from the fact that the passwords were not automatically getting decrypted. I had the blueprint XML as below originally where I have the cm:property-placeholder with persistent-id "my" placed after <enc:property-placeholder>. In this case the decryption does not happen.
regards
Vinu
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.1.0"
xmlns:enc="http://karaf.apache.org/xmlns/jasypt/v1.0.0">
<cm:property-placeholder persistent-id="appConfig" update-strategy="reload">
<cm:default-properties>
<cm:property name="name" value="localhost:9999" />
</cm:default-properties>
</cm:property-placeholder>
<enc:property-placeholder>
<enc:encryptor class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
<property name="config">
<bean class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
<property name="algorithm" value="PBEWithMD5AndDES" />
<property name="passwordEnvName" value="ENVVAR" />
</bean>
</property>
</enc:encryptor>
</enc:property-placeholder>
<cm:property-placeholder persistent-id="my"
update-strategy="reload" placeholder-prefix="$(" placeholder-suffix=")">
<cm:default-properties>
<cm:property name="mydb.url" value="localhost:9999" />
<cm:property name="mydb.username" value="sa" />
<cm:property name="mydb.password" value=" " />
</cm:default-properties>
</cm:property-placeholder>
<bean id="dbbean" class="org.karaf.enc.test.DBConfig">
<property name="url" value="$(mydb.url)" />
<property name="username" value="$(mydb.username)" />
<property name="password" value="$(mydb.password)" />
</bean>
</blueprint>
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com
RE: Jasypt encrypted passwords for MS SQL Server DB
Posted by vi...@wipro.com.
Michael/JB, thanks for the response. Yes I followed the JB's blog post and have the encrypted passwords working for postgresql databases. Same code when used with MS SQL Server is not working with encrypted password enclosed in ENC(). MS SQL Server says "incorrect password". With plain text it is fine. I have the following in blueprint.xml
<enc:property-placeholder>
<enc:encryptor class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
<property name="config">
<bean class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
<property name="algorithm" value="PBEWithMD5AndDES" />
<property name="passwordEnvName" value="PASSWORD" />
</bean>
</property>
</enc:encryptor>
</enc:property-placeholder>
And following in properties file.
db1.driver=org.postgresql.Driver
db1.url=jdbc:postgresql://localhost:5432/db1
db1.user=user
db1.password=ENC(lkjalsdkalsdlksd;alk)
db2.driver=com.microsoft.sqlserver.jdbc.SQLServerDriver
db2.url=jdbc:sqlserver://localhost:1433;databaseName=db2
db2.user=user
db2.password=ENC(lkjalsdkalsdlksd;alk)
regards
Vinu
-----Original Message-----
From: Jean-Baptiste Onofré [mailto:jb@nanthrax.net]
Sent: Wednesday, March 25, 2015 1:47 AM
To: user@karaf.apache.org
Subject: Re: Jasypt encrypted passwords for MS SQL Server DB
By the way:
http://blog.nanthrax.net/2014/10/encrypt-configadmin-properties-values-in-apache-karaf/
Regards
JB
On 03/24/2015 12:43 PM, vinuraj.maroli@wipro.com wrote:
> Facing an issue with connecting to an MS SQL server database using
> Jasypt encrypted passwords. Same code is working fine with a
> postgresql database with same userid/password. Database credentials
> are in a properties file loaded using configAdmin with blueprint.
> Properties file is as below
>
> db1.driver=org.postgresql.Driver
>
> db1.url=jdbc:postgresql://localhost:5432/db1
>
> db1.user=user
>
> db1.password=ENC(lkjalsdkalsdlksd;alk)
>
> db2.driver=com.microsoft.sqlserver.jdbc.SQLServerDriver
>
> db2.url=jdbc:sqlserver://localhost:1433;databaseName=db2
>
> db2.user=user
>
> db2.password=ENC(lkjalsdkalsdlksd;alk)
>
> If I remove the ENC enclosure and provide the plain text password for
> SQL Server database, everything is fine. Any issue reported specific
> to MS SQL Server ?
>
> -Vinu
>
> The information contained in this electronic message and any
> attachments to this message are intended for the exclusive use of the
> addressee(s) and may contain proprietary, confidential or privileged
> information. If you are not the intended recipient, you should not
> disseminate, distribute or copy this e-mail. Please notify the sender
> immediately and destroy all copies of this message and any attachments. WARNING:
> Computer viruses can be transmitted via email. The recipient should
> check this email and any attachments for the presence of viruses. The
> company accepts no liability for any damage caused by any virus
> transmitted by this email. www.wipro.com
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com
Re: Jasypt encrypted passwords for MS SQL Server DB
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
By the way:
http://blog.nanthrax.net/2014/10/encrypt-configadmin-properties-values-in-apache-karaf/
Regards
JB
On 03/24/2015 12:43 PM, vinuraj.maroli@wipro.com wrote:
> Facing an issue with connecting to an MS SQL server database using
> Jasypt encrypted passwords. Same code is working fine with a postgresql
> database with same userid/password. Database credentials are in a
> properties file loaded using configAdmin with blueprint. Properties file
> is as below
>
> db1.driver=org.postgresql.Driver
>
> db1.url=jdbc:postgresql://localhost:5432/db1
>
> db1.user=user
>
> db1.password=ENC(lkjalsdkalsdlksd;alk)
>
> db2.driver=com.microsoft.sqlserver.jdbc.SQLServerDriver
>
> db2.url=jdbc:sqlserver://localhost:1433;databaseName=db2
>
> db2.user=user
>
> db2.password=ENC(lkjalsdkalsdlksd;alk)
>
> If I remove the ENC enclosure and provide the plain text password for
> SQL Server database, everything is fine. Any issue reported specific to
> MS SQL Server ?
>
> -Vinu
>
> The information contained in this electronic message and any attachments
> to this message are intended for the exclusive use of the addressee(s)
> and may contain proprietary, confidential or privileged information. If
> you are not the intended recipient, you should not disseminate,
> distribute or copy this e-mail. Please notify the sender immediately and
> destroy all copies of this message and any attachments. WARNING:
> Computer viruses can be transmitted via email. The recipient should
> check this email and any attachments for the presence of viruses. The
> company accepts no liability for any damage caused by any virus
> transmitted by this email. www.wipro.com
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
Re: Jasypt encrypted passwords for MS SQL Server DB
Posted by Michael Täschner <m....@gmail.com>.
Hi Vinu,
just re-read your mail. If you are not using pax-jdbc but plain blueprint
with configAdmin then check following guide [1] for how to configure
encryption of properties. Should work with "cm" instead of "etc" managed
properties as well.
[1]
https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.0/html/Security_Guide/files/ESBSecurityEncryptProperties.html
Cheers,
Michael
2015-03-24 14:17 GMT+01:00 Michael Täschner <m....@gmail.com>:
> Hi Vinu,
>
> I raised this issue a couple of weeks ago and it is being looked at right
> now. Please check https://ops4j1.jira.com/browse/PAXJDBC-65
>
> Cheers,
> Michael
>
> 2015-03-24 12:43 GMT+01:00 <vi...@wipro.com>:
>
>> Facing an issue with connecting to an MS SQL server database using
>> Jasypt encrypted passwords. Same code is working fine with a postgresql
>> database with same userid/password. Database credentials are in a
>> properties file loaded using configAdmin with blueprint. Properties file is
>> as below
>>
>>
>>
>> db1.driver=org.postgresql.Driver
>>
>> db1.url=jdbc:postgresql://localhost:5432/db1
>>
>> db1.user=user
>>
>> db1.password=ENC(lkjalsdkalsdlksd;alk)
>>
>>
>>
>> db2.driver=com.microsoft.sqlserver.jdbc.SQLServerDriver
>>
>> db2.url=jdbc:sqlserver://localhost:1433;databaseName=db2
>>
>> db2.user=user
>>
>> db2.password=ENC(lkjalsdkalsdlksd;alk)
>>
>>
>>
>> If I remove the ENC enclosure and provide the plain text password for SQL
>> Server database, everything is fine. Any issue reported specific to MS SQL
>> Server ?
>>
>>
>>
>> -Vinu
>> The information contained in this electronic message and any attachments
>> to this message are intended for the exclusive use of the addressee(s) and
>> may contain proprietary, confidential or privileged information. If you are
>> not the intended recipient, you should not disseminate, distribute or copy
>> this e-mail. Please notify the sender immediately and destroy all copies of
>> this message and any attachments. WARNING: Computer viruses can be
>> transmitted via email. The recipient should check this email and any
>> attachments for the presence of viruses. The company accepts no liability
>> for any damage caused by any virus transmitted by this email.
>> www.wipro.com
>>
>
>
Re: Jasypt encrypted passwords for MS SQL Server DB
Posted by Michael Täschner <m....@gmail.com>.
Hi Vinu,
I raised this issue a couple of weeks ago and it is being looked at right
now. Please check https://ops4j1.jira.com/browse/PAXJDBC-65
Cheers,
Michael
2015-03-24 12:43 GMT+01:00 <vi...@wipro.com>:
> Facing an issue with connecting to an MS SQL server database using
> Jasypt encrypted passwords. Same code is working fine with a postgresql
> database with same userid/password. Database credentials are in a
> properties file loaded using configAdmin with blueprint. Properties file is
> as below
>
>
>
> db1.driver=org.postgresql.Driver
>
> db1.url=jdbc:postgresql://localhost:5432/db1
>
> db1.user=user
>
> db1.password=ENC(lkjalsdkalsdlksd;alk)
>
>
>
> db2.driver=com.microsoft.sqlserver.jdbc.SQLServerDriver
>
> db2.url=jdbc:sqlserver://localhost:1433;databaseName=db2
>
> db2.user=user
>
> db2.password=ENC(lkjalsdkalsdlksd;alk)
>
>
>
> If I remove the ENC enclosure and provide the plain text password for SQL
> Server database, everything is fine. Any issue reported specific to MS SQL
> Server ?
>
>
>
> -Vinu
> The information contained in this electronic message and any attachments
> to this message are intended for the exclusive use of the addressee(s) and
> may contain proprietary, confidential or privileged information. If you are
> not the intended recipient, you should not disseminate, distribute or copy
> this e-mail. Please notify the sender immediately and destroy all copies of
> this message and any attachments. WARNING: Computer viruses can be
> transmitted via email. The recipient should check this email and any
> attachments for the presence of viruses. The company accepts no liability
> for any damage caused by any virus transmitted by this email.
> www.wipro.com
>