Encrypt passwords in property files using Jasypt

[GoogleCodeExporter]

Currently we store passwords and pass phrases in clear text in property files, 
that is not acceptable from a security perspective.

Jasypt could potentially be used to improve this, see the following blog here: 
http://blogs.mulesoft.org/encrypting-passwords-in-mule/

Original issue reported on code.google.com by magnus.l...@gmail.com on 29 Oct 2011 at 2:49

• Blocked on: #185

[GoogleCodeExporter]

Original comment by magnus.l...@gmail.com on 24 Nov 2011 at 3:05

[GoogleCodeExporter]

r1386: Added initial support for encrypted property values.
r1388: Removed need for name-security.properties, use the 
name-config.properties file
with encrypted props instead.

Original comment by hakan.dahl@gmail.com on 1 Dec 2011 at 3:06

[GoogleCodeExporter]

To document:

Add encryption key:
1. For running tests with maven:
  export SOITOOLKIT_ENCRYPTION_PASSWORD=my-key

2. For running tests in eclipse, open "Run configurations" for the 
junit-testsuite and add environment variable 
SOITOOLKIT_ENCRYPTION_PASSWORD=my-key

3. For Mule standalone, edit $MULE_HOME/conf/wrapper.conf, add:
set.SOITOOLKIT_ENCRYPTION_PASSWORD=my-key
Ref: http://wrapper.tanukisoftware.com/doc/english/props-envvars.html

Encrypt property value:
1. Download jasypt command line tools: http://www.jasypt.org/cli.html
2. Encrypt a password: ./encrypt.sh input="a-password" password=my-key
3. Configure in property file:
  DATABASE_PASSWORD=ENC(kqNhWNU2E7TiakRTt93sS2xsux2vdSqi)

Still needs some simplification for encrypting values.

Original comment by hakan.dahl@gmail.com on 1 Dec 2011 at 3:18

[GoogleCodeExporter]

Documentation refs:
http://www.jasypt.org/encrypting-configuration.html
http://blogs.mulesoft.org/encrypting-passwords-in-mule/

Original comment by hakan.dahl@gmail.com on 1 Dec 2011 at 12:05

[GoogleCodeExporter]

This issue was updated by revision r1389.

Removed code that handled the security-property file and cleaned up.

Original comment by hakan.dahl@gmail.com on 1 Dec 2011 at 1:39

[GoogleCodeExporter]

This issue was updated by revision r1391.

Adjusting file-count for oneway-generator test.

Original comment by hakan.dahl@gmail.com on 1 Dec 2011 at 3:18

[GoogleCodeExporter]

This issue was updated by revision r1432.

Adding wiki-docs for encrypting passwords in property files.

Original comment by hakan.dahl@gmail.com on 23 Dec 2011 at 3:32

[GoogleCodeExporter]

This issue was updated by revision r1433.

Adding link from User guide to new sub-page.

Original comment by hakan.dahl@gmail.com on 23 Dec 2011 at 3:36

[GoogleCodeExporter]

This issue was updated by revision r1434.

Formatting wiki text.

Original comment by hakan.dahl@gmail.com on 23 Dec 2011 at 3:40

[GoogleCodeExporter]

This issue was updated by revision r1435.

Formatting wiki text.

Original comment by hakan.dahl@gmail.com on 23 Dec 2011 at 3:42

[GoogleCodeExporter]

This issue was updated by revision r1436.

Formatting wiki text.

Original comment by hakan.dahl@gmail.com on 23 Dec 2011 at 3:43

[GoogleCodeExporter]

This issue was updated by revision r1437.

Formatting wiki text.

Original comment by hakan.dahl@gmail.com on 23 Dec 2011 at 3:45

[GoogleCodeExporter]

This issue was closed by revision r1438.

Original comment by hakan.dahl@gmail.com on 23 Dec 2011 at 3:47

• Changed state: Fixed

[GoogleCodeExporter]

Re-opened since I can't find any documentation on the subject on the 
soi-toolkti site.

Original comment by magnus.l...@gmail.com on 29 Dec 2011 at 11:00

• Changed state: Accepted

[GoogleCodeExporter]

Docs on:
http://code.google.com/p/soi-toolkit/wiki/UG_PropertyFile

Original comment by hakan.dahl@gmail.com on 29 Dec 2011 at 12:18

[GoogleCodeExporter]

Original comment by hakan.dahl@gmail.com on 3 Jan 2012 at 9:03

• Changed state: Fixed