Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Current »

Crypting resource password

When using the Resource Loader it can be handy to obfuscate resources' password instead of leaving them in plain text, readable from any person who has access to the loader's configuration file.

Although less useful, it is nevertheless possible to use crypted passwords with the API as well.

JDBC and JMS

Icon

This is valid for both JDBC and JMS resources even if the examples only demonstrate JDBC.

Contents

Crypting a password

The password encryption mechanism is not automatic. You need to configure the crypted password yourself as BTM won't touch the loader's configuration file.

You can get a crypted version of your password with the bitronix.tm.utils.CryptoEngine class. It contains a main method so you can call it from the command line:

You can just give it the password to encrypt on the command line to get its crypted version:

By default, the DES cipher will be used. You can override that from the command line by specifying another cipher as a second argument. Please note that the only cipher that is distributed with the JVM by default is DES.

Safety

Icon

This is not 100% safe as the password can be reverted. Take this feature as a convenience to avoid leaving an important password world-readable.

Using crypted password

Once you have the crypted version of your password, you just need to paste it instead of the plain text version. For instance in a Resource Loader configuration file:

or in the API calls:

BTM will automatically decrypt the password before using it to build the XA connection producer.

Limitation

Icon

Only driver property called password can contain a crypted password. Other ones won't go through the decryption process.

  • No labels