You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@camel.apache.org by "Claus Ibsen (JIRA)" <ji...@apache.org> on 2010/07/23 06:46:51 UTC
[jira] Created: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Allow encrypted passwords to be used in properties files
--------------------------------------------------------
Key: CAMEL-2987
URL: https://issues.apache.org/activemq/browse/CAMEL-2987
Project: Apache Camel
Issue Type: New Feature
Components: camel-core
Reporter: Claus Ibsen
Fix For: Future
We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
We can use Jasypt as the library
http://www.jasypt.org/
And then add a prefix to the components component
{code}
foo.properties
username=#ENC#4fg48dgh58747f744#ENC#
{code}
Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Work started: (CAMEL-2987) Allow encrypted passwords to be
used in properties files
Posted by "Ashwin Karpe (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Work on CAMEL-2987 started by Ashwin Karpe.
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: Future
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Claus Ibsen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=61694#action_61694 ]
Claus Ibsen commented on CAMEL-2987:
------------------------------------
We need a feature for this so you can easily install it in OSGi.
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: 2.5.0
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Claus Ibsen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=61688#action_61688 ]
Claus Ibsen commented on CAMEL-2987:
------------------------------------
We may want to provide a .bat and a .sh file to easily run the tooling. Eg so it can help setup the classpath to run it from the kit
Where <CAMEL> is the unzipped folder where Camel .ZIP is downloaded
{code}
cd <CAMEL>
jasypt.sh -c encrypt -p secret -i tiger
{code}
Where we provide a {{jasypt.sh}} and a {{jasypt.bar}} file for end users to access the tooling easily from command line.
Otherwise they gotta fight with setting up the classpath. Yikes java still sucks here.
However I wonder how to include those files in the kit with maven, and where we should put such files?
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: 2.5.0
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Claus Ibsen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=60858#action_60858 ]
Claus Ibsen commented on CAMEL-2987:
------------------------------------
See also: https://issues.apache.org/jira/browse/KARAF-34
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Fix For: Future
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Claus Ibsen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=61666#action_61666 ]
Claus Ibsen commented on CAMEL-2987:
------------------------------------
Ashwin we need something similar to what Dejan did with AMQ
http://activemq.apache.org/encrypted-passwords.html
1)
A new camel component, camel-jasypt to contain the implementation to avoid having deps on 3rd party jars in camel-core
2)
A SPI interface in org.apache.camel.spi as neutral interface for this feature. So we can plugin and use other frameworks in the future.
3)
Hook into the Properties component from camel-core and use the pluggable SPI if it has been configured and leverage it to decrypt the text
(eg it scans for ENC( ) tokens), which I assume is a standard feature by Jasypt.
4)
Provide tooling in camel-jasypt like Dejan did, so you can run it from the cmd line to generate those tokens for your passwords
5)
Allow configuration of camel-jasypt to define algorithm and whatnot which is jasypt specific.
In fact it could just be a standard Camel component which you can use to encrypt/decrypt as well.
You have done these kind of components before. Then we can let end users use it for their messages as well.
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: Future
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Claus Ibsen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=61683#action_61683 ]
Claus Ibsen commented on CAMEL-2987:
------------------------------------
Ashwin I got start a bit on this and I got a #4 done with a little tooling to allow end users to create the encrypted values.
I will integrate this with the properties component in a pluggable fashion, then we got the important pieces in place.
Then its easier for you to help, for example by creating the Camel component of jasypt which can be used in the routes. (eg to("jasypt:xxxx").
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: Future
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Claus Ibsen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=61686#action_61686 ]
Claus Ibsen commented on CAMEL-2987:
------------------------------------
I started adding documentation at
https://cwiki.apache.org/confluence/display/CAMEL/Jasypt
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: 2.5.0
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Claus Ibsen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=61706#action_61706 ]
Claus Ibsen commented on CAMEL-2987:
------------------------------------
Now running the tooling from cmd line has been made easy. See updated wiki documentation.
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: 2.5.0
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Claus Ibsen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Claus Ibsen updated CAMEL-2987:
-------------------------------
Fix Version/s: 2.5.0
(was: Future)
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: 2.5.0
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Claus Ibsen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=61685#action_61685 ]
Claus Ibsen commented on CAMEL-2987:
------------------------------------
Its now integrated with Spring XML so you can do
{code:xml}
<!-- START SNIPPET: e1 -->
<!-- define the jasypt properties parser with the given password to be used -->
<bean id="jasypt" class="org.apache.camel.component.jasypt.JasyptPropertiesParser">
<!-- password is mandatory, you can prefix it with sysenv: or sys: to indicate it should use
an OS environment or JVM system property value, so you dont have the master password defined here -->
<property name="password" value="secret"/>
</bean>
<camelContext xmlns="http://camel.apache.org/schema/spring">
<!-- define the camel properties placeholder, and let it leverage jasypt -->
<propertyPlaceholder id="properties"
location="classpath:org/apache/camel/component/jasypt/myproperties.properties"
propertiesParserRef="jasypt"/>
<route>
<from uri="direct:start"/>
<to uri="{{cool.result}}"/>
</route>
</camelContext>
<!-- END SNIPPET: e1 -->
{code}
Now imagine the to uri was a ftp endpoint, then you could have used a placeholder for the password value in the endpoint uri, and have that password stored in the properties file:
{code}
ftp.username=scott
ftp.password=ENC(bsW9uV37gQ0QHFu7KO03Ww==)
{code}
And you dont have to restrict to password, as we can have any value encrypted.
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: 2.5.0
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Claus Ibsen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=61684#action_61684 ]
Claus Ibsen commented on CAMEL-2987:
------------------------------------
I got an initial code for #1, #2 and #3 committed to trunk.
I will continue to work a bit to have the moving parts working. Then I most likely will leave parts of the actual JasyptComponent, JasyptEndpoint and the JasyptProducer up in the air, in case you want to give a go.
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: 2.5.0
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Ashwin Karpe (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ashwin Karpe reassigned CAMEL-2987:
-----------------------------------
Assignee: Ashwin Karpe
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: Future
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Claus Ibsen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=61687#action_61687 ]
Claus Ibsen commented on CAMEL-2987:
------------------------------------
camel-jasypt is now in the kit
trunk: 992744.
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: 2.5.0
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Claus Ibsen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=61615#action_61615 ]
Claus Ibsen commented on CAMEL-2987:
------------------------------------
Coordinate with Dejan as he starts working on this feature for ActiveMQ (AMQ-2460).
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: Future
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (CAMEL-2987) Allow encrypted passwords to be used
in properties files
Posted by "Claus Ibsen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/CAMEL-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Claus Ibsen resolved CAMEL-2987.
--------------------------------
Resolution: Fixed
Added feature for camel-jasypt
trunk: 993248.
> Allow encrypted passwords to be used in properties files
> --------------------------------------------------------
>
> Key: CAMEL-2987
> URL: https://issues.apache.org/activemq/browse/CAMEL-2987
> Project: Apache Camel
> Issue Type: New Feature
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Ashwin Karpe
> Fix For: 2.5.0
>
>
> We should add a feature to the properties component and simple language so it can resolve encrypted usernames/passwords etc.
> We can use Jasypt as the library
> http://www.jasypt.org/
> And then add a prefix to the components component
> {code}
> foo.properties
> username=#ENC#4fg48dgh58747f744#ENC#
> {code}
> Just figuring our what the prefix/suffix tokens should be. Most likely something better than {{#ENC#}}
> The simple language could have a built in function for this as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.