karaf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Baptiste Onofré ...@nanthrax.net>
Subject Re: Need help realted to Jasypt ecryption in Karaf
Date Wed, 24 Dec 2014 14:33:45 GMT
Hi,

It's because you use the Jasypt EnvironmentStringPBEConfig which use a 
env variable or JVM system property (-D...) by default.

As EnvironmentStringPBEConfig also implements SimplePBEConfig, you can 
use directly:

<property name="password" value="clearText"/>

ClearText can come from ConfigAdmin, etc using ${clearPassword}.

Regards
JB

On 12/24/2014 03:04 PM, Mane-EXTERNAL Prithivraj wrote:
> Hi ,
>
> We are using Jasypt encryption on Karaf  server on unix  server .
> Current  blueprint configuration  file looks  like
>
> <ext:property-placeholder>
>      <ext:location>file:etc/db.properties</ext:location>
>    </ext:property-placeholder>
>
>    <enc:property-placeholder>
>      <enc:encryptor class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
>        <property name="config">
>          <bean class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
>            <property name="algorithm" value="PBEWithMD5AndDES" />
>            <property name="passwordEnvName" value="DB_PWD" />
>          </bean>
>        </property>
>      </enc:encryptor>
>    </enc:property-placeholder>
>
> We have mentioned encrypted values   in db.properties.
> It is working fine if we  set  DB_PWD as environment variable .
>
> Due to  some restriction we can't set this value in  environment variable and  we  want
 password  (DB_PWD) should  be sourced dynamically  i.e. instead of mentioning value in environment
variable I  want it should be configured in some *.properties file.
> Is there  any way  supported for this ?
>
>
>
>
>
>
> Thanks,
> Prithvi
>
> ________________________________
> This message and any attachments are intended solely for the addressees and may contain
confidential information. Any unauthorized use or disclosure, either whole or partial, is
prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for the message
if altered, changed or falsified. If you are not the intended recipient of this message, please
delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission free from viruses,
the sender will not be liable for damages caused by a transmitted virus.
>

-- 
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com

Mime
View raw message