when we try to access any property value present in application.properties which is of format ENC(<...>), then Springboot will look for jasypt.encryptor.password property to do decryption internally.
If jasypt.encryptor.password is not present in application.properties, application won't start.
So, if the value for the LDAP property activedirectory.managerPassword is given in the format {ENC(<...>)} (enclosed in brackets), internal decryption is skipped and decryption can be handled explicitly.
Made changes for the above approach and added testcases.
Alternate Designs
Benefits
Possible Drawbacks
Sign-off
Developer's Certificate of Origin 1.1
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or
(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.
…jasypt.key file
Applicable Issues
Description of the Change
when we try to access any property value present in application.properties which is of format ENC(<...>), then Springboot will look for jasypt.encryptor.password property to do decryption internally. If jasypt.encryptor.password is not present in application.properties, application won't start. So, if the value for the LDAP property activedirectory.managerPassword is given in the format {ENC(<...>)} (enclosed in brackets), internal decryption is skipped and decryption can be handled explicitly.
Made changes for the above approach and added testcases.
Alternate Designs
Benefits
Possible Drawbacks
Sign-off
Developer's Certificate of Origin 1.1
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or
(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or
(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.
(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved.
Signed-off-by: sriguru sriguruvenkatesh@ericsson.com