Help needed - PAX.JDBC.POOL - how to encrypt password in Karaf? #368
Comments
|
Good luck with Java, OSGi and Karaf - you'll need it ;) Technically speaking, Pax JDBC can use encrypted properties. The decryption is performed using https://github.com/jasypt/jasypt and you have to encrypt the value yourself. I don't even think there's an easy command line invocation to help here - you need to write some code. But if you already have an encrypted value, you need This property is an alias to look up an OSGi service with So your task is to have some bundle register such service where you can configure an instance of In blueprint you can configure such implementation using: <bean id="encryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
<property name="config">
<bean class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
<property name="algorithm" value="PBEWithMD5AndDES" />
<property name="passwordSysPropertyName" value="secret-value" />
</bean>
</property>
</bean>
<service interface="org.jasypt.encryption.StringEncryptor" ref="encryptor">
<service-properties>
<entry key="alias" value="my-decryptor" />
</service-properties>
</service>
Anyway - the application you're going to maintain may already have other methods for service registration (blueprint, scr, BundleContext...) so treat this answer as a hint, not as straightforward recipe... |
|
Thanks a million @grgrzybek There is some mentions of how to use JASYPT here too: I think I am on track to have that working... Thanks again! |
|
no problem! good luck ;) you can always find me here. |
|
@grgrzybek I have managed to get all of my configuration up and running with that module. The readme was missing some info for a newbie like me but I got to a working state and so I'm happy about it. Thank you for your help and feedback. |
Hi
I'm totally new to PAX.JDBC, Jaca and Karaf but I have inherited a Karaf service that I need to maintain. The service is a SOAP data provider that is connecting to a database.
The whole thing is developed and deployed from Talend Open Studio ESB into Karaf container as a kar file.
The trouble I am facing is that the passwords in the configuration file for the connection pool are stored as plain text.
When trying to encrypt them I face some issues. I cannot really find a working guideline for setting up Jasypt with Karaf and using it with PAX.JDBC.CONFIG for connection pool.
When I put a password encrypted by encrypted by tesb-encryptor-command into the cfc file, the DataSource is not created.
There is no errors in the log file.
I am using PAX.JDBC version 1.5.7.
The DEBUG level log when Password is in plain text is:
scratch_90.txt
The DEBUG level log when Password is encrypted is:
scratch_91.txt
The text was updated successfully, but these errors were encountered: