Jump to: navigation, search

Stardust/Knowledge Base/Security/Encryption/XML Config Encryption

Introduction

The utility described herein is useful when you want to encrypt a password in any Spring  based XML configuration file. The example described here makes use of the
ActiveMQ.xml. We demonstrate how to encrypt the database password used by the Oracle AQ Topic ConnectionFactory.

Enabling Encryption

Execute the following instructions to secure (encrypt) the database password. All artifacts (unless explicitly mentioned) can be downloaded from here. Copy the password-manager.jar and commons-codec-1.4.jar (available for download from here)  files to the lib directory or anywhere in the classpath. The included passwordManager.bat batch file takes the actual password as an input and stores it in a properties file e.g db.properties. The encrypted password is stored in the db.properties file.

Example Scenario

<bean id="connectionFactoryOracleAQTopic" class="oracle.jms.AQjmsFactory" factory-method="getQueueConnectionFactory"> 
    <constructor-arg index="0"> <value>***********</value> </constructor-arg>
    <constructor-arg index="1" type="java.util.Properties"> <value>************</value> </constructor-arg>
</bean> 
 
<bean id="oracleTopicCredentials" class="org.springframework.jms.connection.UserCredentialsConnectionFactoryAdapter"> 
    <property name="targetConnectionFactory"> <ref bean="connectionFactoryOracleAQTopic"/> </property> 
    <property name="username"> <value></value> </property> 
    <!-- To Disable Encryption, Uncomment the following line and give actual plain text password in the value tag -->
    <!-- <property name="password">    <value>u_pick_it</value> </property> -->
    <!-- To Disable Encryption, Comment the following line  --> 
    <property name="password" ref="securedPassword"/>
</bean> 
 
<!--Declare Bean-->
<bean id="passwordManager" class="com.security.PasswordManager" />
 
<bean id="securedPassword" class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
    <property name="targetObject"><ref local="passwordManager"/></property>
    <property name="targetMethod"><value>getSecuredPassword</value></property>
</bean>