Skip to content
Skip to breadcrumbs
Skip to header menu
Skip to action menu
Skip to quick search
Quick Search
Browse
Pages
Blog
Labels
Attachments
Mail
Advanced
What’s New
Space Directory
Feed Builder
Keyboard Shortcuts
Confluence Gadgets
Log In
Sign Up
Dashboard
Bitronix Transaction Manager
Copy Page
You are not logged in. Any changes you make will be marked as
anonymous
. You may want to
Log In
if you already have an account. You can also
Sign Up
for a new account.
This page is being edited by
.
Paragraph
Paragraph
Heading 1
Heading 2
Heading 3
Heading 4
Heading 5
Heading 6
Preformatted
Quote
Bold
Italic
Underline
More colours
Strikethrough
Subscript
Superscript
Monospace
Clear Formatting
Bullet list
Numbered list
Outdent
Indent
Align left
Align center
Align right
Link
Table
Insert
Insert Content
Image
Link
Attachment
Symbol
Emoticon
Wiki Markup
Horizontal rule
tinymce.confluence.insert_menu.macro_desc
Info
JIRA Issue
Status
Gallery
Tasklist
Table of Contents
Other Macros
Page Layout
No Layout
Two column (simple)
Two column (simple, left sidebar)
Two column (simple, right sidebar)
Three column (simple)
Two column
Two column (left sidebar)
Two column (right sidebar)
Three column
Three column (left and right sidebars)
Undo
Redo
Find/Replace
Keyboard Shortcuts Help
<h1>Crypting resources password</h1> <p>When using the Resource Loader it can be handy to obfuscate resources' password instead of leaving them in plain text, readable from any person who has access to the loader's configuration file.</p> <p>Although less useful, it is nevertheless possible to use crypted passwords with the API as well.</p> <table class="wysiwyg-macro" data-macro-name="info" data-macro-parameters="title=JDBC and JMS" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e2luZm86dGl0bGU9SkRCQyBhbmQgSk1TfQ&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="RICH_TEXT"><tr><td class="wysiwyg-macro-body"><p>This is valid for both JDBC and JMS resources even if the examples only demonstrate JDBC.</p></td></tr></table> <h4>Contents</h4> <img class="editor-inline-macro" src="/plugins/servlet/confluence/placeholder/macro?definition=e3RvYzptYXhMZXZlbD0zfG1pbkxldmVsPTJ9&locale=en_GB&version=2" data-macro-name="toc" data-macro-parameters="maxLevel=3|minLevel=2"> <h2>Crypting a password</h2> <p>The password encryption mechanism is not automatic. You need to configure the crypted password yourself as BTM won't touch the loader's configuration file.</p> <p>You can get a crypted version of your password with the <a href="http://btm.codehaus.org/api/1.2/bitronix/tm/internal/CryptoEngine.html">bitronix.tm.internal.CryptoEngine</a> class. It contains a <code>main</code> method so you can call it from the command line:</p> <table class="wysiwyg-macro" data-macro-name="code" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e2NvZGV9&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="PLAIN_TEXT"><tr><td class="wysiwyg-macro-body"><pre> java -jar btm-1.2.jar bitronix.tm.internal.CryptoEngine Bitronix Transaction Manager password property crypter Usage: CryptoEngine <password> [cipher] where: <password> is mandatory and is the resource password to crypt [cipher] is optional and is the cipher to be used to crypt the password </pre></td></tr></table> <p>You can just give it the password to encrypt on the command line to get its crypted version:</p> <table class="wysiwyg-macro" data-macro-name="code" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e2NvZGV9&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="PLAIN_TEXT"><tr><td class="wysiwyg-macro-body"><pre> java -jar btm-1.2.jar bitronix.tm.internal.CryptoEngine myPassword Bitronix Transaction Manager password property crypter crypted password property value: {DES}oBg90wRyVhWcCrwu51xGmw== </pre></td></tr></table> <p>By default, the DES cipher will be used. You can override that from the command line by specifying another cipher as a second argument. Please note that the only cipher that is distributed with the JVM by default is DES.</p> <table class="wysiwyg-macro" data-macro-name="note" data-macro-parameters="title=Safety" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e25vdGU6dGl0bGU9U2FmZXR5fQ&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="RICH_TEXT"><tr><td class="wysiwyg-macro-body"><p>This is not 100% safe as the password can be reverted. Take this feature as a convenience to avoid leaving an important password world-readable.</p></td></tr></table> <h2>Using crypted password</h2> <p>Once you have the crypted version of your password, you just need to paste it instead of the plain text version. For instance in a Resource Loader configuration file:</p> <table class="wysiwyg-macro" data-macro-name="code" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e2NvZGV9&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="PLAIN_TEXT"><tr><td class="wysiwyg-macro-body"><pre> resource.ds.className=oracle.jdbc.xa.client.OracleXADataSource resource.ds.uniqueName=oracle resource.ds.maxPoolSize=5 resource.ds.driverProperties.user=users1 resource.ds.driverProperties.password={DES}Tg0f6zsYp2GcCrwu51xGmw== resource.ds.driverProperties.URL=jdbc:oracle:thin:@localhost:1521:XE </pre></td></tr></table> <p>or in the API calls:</p> <table class="wysiwyg-macro" data-macro-name="code" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e2NvZGV9&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="PLAIN_TEXT"><tr><td class="wysiwyg-macro-body"><pre> PoolingDataSource myDataSource = new PoolingDataSource(); myDataSource.setClassName("oracle.jdbc.xa.client.OracleXADataSource"); myDataSource.setUniqueName("oracle"); myDataSource.setMaxPoolSize(5); myDataSource.getDriverProperties().setProperty("user", "users1"); myDataSource.getDriverProperties().setProperty("password", "{DES}Tg0f6zsYp2GcCrwu51xGmw=="); myDataSource.getDriverProperties().setProperty("URL", "jdbc:oracle:thin:@localhost:1521:XE"); </pre></td></tr></table> <p>BTM will automatically decrypt the password before using it to build the XA connection producer.</p> <table class="wysiwyg-macro" data-macro-name="info" data-macro-parameters="title=Limitation" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e2luZm86dGl0bGU9TGltaXRhdGlvbn0&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="RICH_TEXT"><tr><td class="wysiwyg-macro-body"><p>Only driver property called <code>password</code> can contain a crypted password. Other ones won't go through the decryption process.</p></td></tr></table> <table class="wysiwyg-macro" data-macro-name="note" data-macro-parameters="title=Bug in version 1.2" style="background-image: url(/plugins/servlet/confluence/placeholder/macro-heading?definition=e25vdGU6dGl0bGU9QnVnIGluIHZlcnNpb24gMS4yfQ&locale=en_GB&version=2); background-repeat: no-repeat;" data-macro-body-type="RICH_TEXT"><tr><td class="wysiwyg-macro-body"><p>This feature is slightly buggy in version 1.2 and earlier as it does not work with API calls, only the resource loader. See: <a href="http://jira.codehaus.org/browse/BTM-7">BTM-7</a>.<br /> The bug has been fixed in version 1.3.</p></td></tr></table> <p><img class="confluence-embedded-image confluence-external-resource" src="http://www.bitronix.be/images/shim.gif" data-image-src="http://www.bitronix.be/images/shim.gif"></p>
Please type the word appearing in the picture.
Attachments
Labels
Location
Watch this page
< Edit
Preview >
Loading…
Save
Cancel
Next hint
search
attachments
weblink
advanced