You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@karaf.apache.org by Mane-EXTERNAL Prithivraj <Pr...@gemalto.com> on 2014/12/24 15:04:24 UTC
Need help realted to Jasypt ecryption in Karaf
Hi ,
We are using Jasypt encryption on Karaf server on unix server .
Current blueprint configuration file looks like
<ext:property-placeholder>
<ext:location>file:etc/db.properties</ext:location>
</ext:property-placeholder>
<enc:property-placeholder>
<enc:encryptor class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
<property name="config">
<bean class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
<property name="algorithm" value="PBEWithMD5AndDES" />
<property name="passwordEnvName" value="DB_PWD" />
</bean>
</property>
</enc:encryptor>
</enc:property-placeholder>
We have mentioned encrypted values in db.properties.
It is working fine if we set DB_PWD as environment variable .
Due to some restriction we can't set this value in environment variable and we want password (DB_PWD) should be sourced dynamically i.e. instead of mentioning value in environment variable I want it should be configured in some *.properties file.
Is there any way supported for this ?
Thanks,
Prithvi
________________________________
This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.
Re: Need help realted to Jasypt ecryption in Karaf
Posted by Prithviraj <me...@gmail.com>.
Hi JB,
I tried solution as mentioned by you i.e.
now my blueprint file looks like
<ext:property-placeholder>
<ext:location>file:etc/db.properties</ext:location>
</ext:property-placeholder>
<enc:property-placeholder>
<enc:encryptor
class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
<property name="config">
<bean
class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
<property name="algorithm" value="PBEWithMD5AndDES" />
<property name="password" value="${clearPassword}" />
</bean>
</property>
</enc:encryptor>
</enc:property-placeholder>
I have mentioned password in config.properties file from etc directory
as
clearPassword=trivnet
I am getting below exception
Caused by: org.jasypt.exceptions.EncryptionOperationNotPossibleException
at
org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:1055)[257:org.apache.servicemix.bundles.jasypt:1.9.2.1]
at
org.jasypt.encryption.pbe.StandardPBEStringEncryptor.decrypt(StandardPBEStringEncryptor.java:725)[257:org.apache.servicemix.bundles.jasypt:1.9.2.1]
at
org.apache.karaf.jaas.jasypt.handler.EncryptablePropertyPlaceholder.getProperty(EncryptablePropertyPlaceholder.java:38)[258:org.apache.karaf.jaas.jasypt:3.0.2]
at
org.apache.aries.blueprint.ext.AbstractPropertyPlaceholder.retrieveValue(AbstractPropertyPlaceholder.java:430)[15:org.apache.aries.blueprint.core:1.4.1]
at
org.apache.aries.blueprint.ext.AbstractPropertyPlaceholder.processString(AbstractPropertyPlaceholder.java:437)[15:org.apache.aries.blueprint.core:1.4.1]
at
org.apache.aries.blueprint.ext.AbstractPropertyPlaceholder$LateBindingValueMetadata.getStringValue(AbstractPropertyPlaceholder.java:471)[15:org.apache.aries.blueprint.core:1.4.1]
at
org.apache.aries.blueprint.di.ValueRecipe.internalCreate(ValueRecipe.java:54)[15:org.apache.aries.blueprint.core:1.4.1]
--
View this message in context: http://karaf.922171.n3.nabble.com/Need-help-realted-to-Jasypt-ecryption-in-Karaf-tp4037409p4037412.html
Sent from the Karaf - Dev mailing list archive at Nabble.com.
Re: Need help realted to Jasypt ecryption in Karaf
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Hi,
It's because you use the Jasypt EnvironmentStringPBEConfig which use a
env variable or JVM system property (-D...) by default.
As EnvironmentStringPBEConfig also implements SimplePBEConfig, you can
use directly:
<property name="password" value="clearText"/>
ClearText can come from ConfigAdmin, etc using ${clearPassword}.
Regards
JB
On 12/24/2014 03:04 PM, Mane-EXTERNAL Prithivraj wrote:
> Hi ,
>
> We are using Jasypt encryption on Karaf server on unix server .
> Current blueprint configuration file looks like
>
> <ext:property-placeholder>
> <ext:location>file:etc/db.properties</ext:location>
> </ext:property-placeholder>
>
> <enc:property-placeholder>
> <enc:encryptor class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
> <property name="config">
> <bean class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
> <property name="algorithm" value="PBEWithMD5AndDES" />
> <property name="passwordEnvName" value="DB_PWD" />
> </bean>
> </property>
> </enc:encryptor>
> </enc:property-placeholder>
>
> We have mentioned encrypted values in db.properties.
> It is working fine if we set DB_PWD as environment variable .
>
> Due to some restriction we can't set this value in environment variable and we want password (DB_PWD) should be sourced dynamically i.e. instead of mentioning value in environment variable I want it should be configured in some *.properties file.
> Is there any way supported for this ?
>
>
>
>
>
>
> Thanks,
> Prithvi
>
> ________________________________
> This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.
>
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com