Encrypt passwords in property files using Jasypt

[hdahl]

Original issue 183 created by soi-toolkit on 2011-10-29T02:49:16.000Z:

Currently we store passwords and pass phrases in clear text in property files, that is not acceptable from a security perspective.

Jasypt could potentially be used to improve this, see the following blog here: http://blogs.mulesoft.org/encrypting-passwords-in-mule/

[hdahl]

Comment #1 originally posted by soi-toolkit on 2011-11-24T15:05:46.000Z:

<empty>

[hdahl]

Comment #2 originally posted by soi-toolkit on 2011-12-01T03:06:51.000Z:

r1386: Added initial support for encrypted property values. r1388: Removed need for name-security.properties, use the name-config.properties file with encrypted props instead.

[hdahl]

Comment #3 originally posted by soi-toolkit on 2011-12-01T03:18:39.000Z:

To document:

Add encryption key:

1. For running tests with maven: export SOITOOLKIT_ENCRYPTION_PASSWORD=my-key
2. For running tests in eclipse, open "Run configurations" for the junit-testsuite and add environment variable SOITOOLKIT_ENCRYPTION_PASSWORD=my-key
3. For Mule standalone, edit $MULE_HOME/conf/wrapper.conf, add: set.SOITOOLKIT_ENCRYPTION_PASSWORD=my-key Ref: http://wrapper.tanukisoftware.com/doc/english/props-envvars.html

Encrypt property value:

1. Download jasypt command line tools: http://www.jasypt.org/cli.html
2. Encrypt a password: ./encrypt.sh input="a-password" password=my-key
3. Configure in property file: DATABASE_PASSWORD=ENC(kqNhWNU2E7TiakRTt93sS2xsux2vdSqi)

Still needs some simplification for encrypting values.

[hdahl]

Comment #4 originally posted by soi-toolkit on 2011-12-01T12:05:35.000Z:

Documentation refs: http://www.jasypt.org/encrypting-configuration.html http://blogs.mulesoft.org/encrypting-passwords-in-mule/

[hdahl]

Comment #5 originally posted by soi-toolkit on 2011-12-01T13:39:38.000Z:

This issue was updated by revision r1389.

Removed code that handled the security-property file and cleaned up.

[hdahl]

Comment #6 originally posted by soi-toolkit on 2011-12-01T15:18:13.000Z:

This issue was updated by revision r1391.

Adjusting file-count for oneway-generator test.

[hdahl]

Comment #7 originally posted by soi-toolkit on 2011-12-23T15:32:48.000Z:

This issue was updated by revision r1432.

Adding wiki-docs for encrypting passwords in property files.

[hdahl]

Comment #8 originally posted by soi-toolkit on 2011-12-23T15:36:49.000Z:

This issue was updated by revision r1433.

Adding link from User guide to new sub-page.

[hdahl]

Comment #9 originally posted by soi-toolkit on 2011-12-23T15:40:14.000Z:

This issue was updated by revision r1434.

Formatting wiki text.

[hdahl]

Comment #10 originally posted by soi-toolkit on 2011-12-23T15:42:54.000Z:

This issue was updated by revision r1435.

Formatting wiki text.

[hdahl]

Comment #11 originally posted by soi-toolkit on 2011-12-23T15:43:56.000Z:

This issue was updated by revision r1436.

Formatting wiki text.

[hdahl]

Comment #12 originally posted by soi-toolkit on 2011-12-23T15:45:31.000Z:

This issue was updated by revision r1437.

Formatting wiki text.

[hdahl]

Comment #13 originally posted by soi-toolkit on 2011-12-23T15:47:35.000Z:

This issue was closed by revision r1438.

[hdahl]

Comment #14 originally posted by soi-toolkit on 2011-12-29T11:00:37.000Z:

Re-opened since I can't find any documentation on the subject on the soi-toolkti site.

[hdahl]

Comment #15 originally posted by soi-toolkit on 2011-12-29T12:18:20.000Z:

Docs on: http://code.google.com/p/soi-toolkit/wiki/UG_PropertyFile

[hdahl]

Comment #16 originally posted by soi-toolkit on 2012-01-03T09:03:29.000Z:

<empty>