Encryption

This feature allows you to encrypt some config values (ldap.bindDN, ldap.bindCredentials, rbpm.credentials.username and rbpm.credentials.password).

Note that this is not intended for security purposes, since the encryption key may be found inside the app.

Its main use is for obscurity. If a user looks through the config file and finds the config value, it is not directly useable whithout decryption.

First you need to encrypt a value:

~/server/bin/encrypt

Enter a value to encrypt: foo
ENC(kV7qYMpqQdBiDfQgAYBETpDW8rol97WwCTYjp_zuCjpv)
Enter a value to encrypt: foo
ENC(06TDT14nMFbz1NIiF3q0nK0Q-3RP3BbpSfv28kGa8w7a)
Enter a value to encrypt: bar
ENC(jVdeNOK_HLkXqnGqe3uSIVizDBLmxh3K8D7psptY7YWO)
Enter a value to encrypt:
(To exit, press enter again or type .exit)
Enter a value to encrypt:

Encrypting the same input value multiple times results in different encrypted strings. This allows you to hide the fact that you are using the same password several times.

For additional security you can use the -p flag. This hides the value you entered.

~/server/bin/encrypt -p

Enter a value to encrypt (password mode):
ENC(O4iVOerwFcnA114fzqBOR0Ozr0xRKrv-ZEpi5Qt150tQ)
Enter a value to encrypt (password mode):
ENC(SVy-7fi-zjrKNMSjHkhlhaP0SvV52KOIiHWaXojhf-hG)
Enter a value to encrypt (password mode):
(To exit, press enter again or type .exit)
Enter a value to encrypt (password mode):

Use ENC(...) to declare an encrypted property value in config file:

ldap:
  bindDN: ENC(RY_ba2QtihfZsvI3d3jcyr5UEvGmZvfWxSJYIxrGi0Qk)
  bindCredentials: ENC(QcuO_te7tKR25yHqzy6TXPinWc7K0PweciOuHrCl16Gw)

partitions:
  identity:
    rbpm:
      credentials:
        username: ENC(-Y48J-WIA8sthGsIzAKRH5svHZlmPuaZXAHCF-WRGHyD)
        password: ENC(2x7kF0M35oi2iBIseEihV4CA6t-AD8cBdHv93jp1NWHV)

rbpm:
  credentials:
    username: ENC(O_4g80fqibVBWDgjMRXfwgCmO6-gwoB5pNxv7qYTT7r1)
    password: ENC(J90VZzva4im8xq8EY7p5gtba0IHRZj2BNoZGwJoWdAvt)
Shopping CartDoctor Script