search

OHDSI / WebAPI

OHDSI WebAPI contains all OHDSI services that can be called from OHDSI applications
Apache License 2.0
128 stars 166 forks source link

Password encryption feature crashing application to start #2249

Closed davidhcar closed 1 year ago

davidhcar commented 1 year ago

Expected behavior

Based on the information/notes #2227 Expecting the password in source table to get encrypted.

Actual behavior

Enabling thejasypt.encryptor.enabled = true property causes application startup failed with following errors, appreciate your insights on this. Source table has password value.


Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'ccController' defined in file [/usr/local/tomcat/webapps/WebAPI/WEB-INF/classes/org/ohdsi/webapi/cohortcharacterization/CcController.class]: Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'ccServiceImpl' defined in file [/usr/local/tomcat/webapps/WebAPI/WEB-INF/classes/org/ohdsi/webapi/cohortcharacterization/CcServiceImpl.class]: Unsatisfied dependency expressed through constructor parameter 4; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'feAnalysisServiceImpl' defined in file [/usr/local/tomcat/webapps/WebAPI/WEB-INF/classes/org/ohdsi/webapi/feanalysis/FeAnalysisServiceImpl.class]: Unsatisfied dependency expressed through constructor parameter 3; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'vocabularyService': Unsatisfied dependency expressed through field 'sourceService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sourceService': Invocation of init method failed; nested exception is org.jasypt.exceptions.EncryptionInitializationException: **Password not set for Password Based Encryptor**
2023-04-06 18:04:37.219 INFO main org.springframework.scheduling.concurrent.ExecutorConfigurationSupport - [] - Shutting down ExecutorService 'taskExecutor'
2023-04-06 18:04:38.090 INFO main org.springframework.boot.autoconfigure.logging.AutoConfigurationReportLoggingInitializer - [] -
2023-04-06 18:04:38.196 ERROR main org.springframework.boot.SpringApplication - [] - Application startup failed

Steps to reproduce behavior

By enabling password encryption,

<jasypt.encryptor.enabled>true</jasypt.encryptor.enabled>
<jasypt.encryptor.password></jasypt.encryptor.password>
<jasypt.encryptor.algorithm>PBEWITHSHA256AND128BITAES-CBC-BC</jasypt.encryptor.algorithm>
chrisknoll commented 1 year ago

But this property

<jasypt.encryptor.password></jasypt.encryptor.password>

is not set, shouldn't that property have a value?

davidhcar commented 1 year ago

What is this password should be, Don't the source table(CDM and others) has this value ?

chrisknoll commented 1 year ago

No, the password in the source table is to the CDM.

This is the password to the encryptor.

Did you review the information provided in the other issue you posted to? The link to the source shows how the password is used (reference: here)

If you want to use encryption options different from the default, you'll have to refer to the jasypt documentation on setting those values and any additional JVM configuration required (which I referenced a stack-overflow article in the other post).

davidhcar commented 1 year ago

I see, so this is a password salt to the encryption.

chrisknoll commented 1 year ago

Correct.