Skip to main content

Configure "Secure Vault" to secure plain text passwords in WSO2 config files

If we take a WSO2 product, there are so many config files which contains plain text passwords. This blog post explains how we can secure those passwords.

Let's take WSO2 DAS . analytics-datasource.xml file and secure the password in following configuration.


Step 1:
Go to <WSO2_DAS>/repository/conf/security and add the following line to the cipher-tool.properties file

Create alias with file path, xpath to the element and boolean value true.

Step 2:
Add the following line to the cipher-text.properties file.

You have to provide the alias with the plain text password

Step 3:
Go to <WSO2_DAS>/bin and execute ./ciphertool.sh -Dconfigure

This will,
- Encrypt the password defined in cipher-text.properties file
- Configure the analytics-datasauces.xml as follows

Step 4: Restart the server.

How to change a password

Configure cipher-text.properties file with the password you want to change.  You need to remove the encrypted value and replace it with plain text password with  [ ] square brackets.
Execute the ./ciphertool.sh -Dconfigure
Start the server.

Labels:

Comments

Post a Comment

Popular posts from this blog

How to generate random unique number in SOAP UI request

eg 1: ${=System.currentTimeMillis() + ((int)(Math.random()*10000))} eg 2: ${=java.util.UUID.randomUUID()} ${=java.util.UUID.randomUUID()} ${=System.currentTimeMillis() + ((int)(Math.random()*10000))} - See more at: http://tryitnw.blogspot.com/2014/03/generating-random-unique-number-in-soap.html#sthash.m2S4tUFu.dpuf ${=System.currentTimeMillis() + ((int)(Math.random()*10000))} - See more at: http://tryitnw.blogspot.com/2014/03/generating-random-unique-number-in-soap.html#sthash.m2S4tUFu.dpuf ${=System.currentTimeMillis() + ((int)(Math.random()*10000))} - See more at: http://tryitnw.blogspot.com/2014/03/generating-random-unique-number-in-soap.html#sthash.m2S4tUFu.dpuf
Post a Comment
Read more

Tips on using environment variables in WSO2 Integration Cloud

Environment variables allow you to change an application's internal configuration without changing its source code. Let’s say you want to deploy the same application in development, testing  and production environments. Then database related configs and some other internal configurations may change from one environment to another. If we can define these configurations as an environment variables we can easily set those without changing the source code of that application. When you deploy your application in WSO2 Integration Cloud, it lets you define environment variables via the UI. Whenever you change the values of environment variables, you just need to redeploy the application for the changes to take effect. Predefined environment variables Key Concepts - Environment Variables   provides you some predefined set of environment variables which will be useful when deploying applications in WSO2 Integration Cloud. Sample on how to use environment variables ...
Post a Comment
Read more

VFS access SFTP with special character password

Learn WSO2 ESB VFS Transport https://docs.wso2.com/display/ESB481/VFS+Transport When we need to access the FTP server using SFTP, VFS connection-specific URL need to be given as : <parameter name="transport.vfs.FileURI">vfs:sftp://username:p@ssword@ftp.server.com/filePath?vfs.passive=true</parameter> When the password contains a special characters (eg: p@ssword), it gives the following error. 2015-03-27 13:06:03,766  [-]   [PassThroughMessageProcessor-5]  ERROR VFSTransportSender cannot resolve replyFile org.apache.commons.vfs2.FileSystemException: Invalid absolute URI "sftp://username:***@ftp.server.com/filePath?vfs.passive=true". Solution 1: Replace the special characters with the respective hex representation. <parameter name="transport.vfs.FileURI">vfs:sftp://username:p%40ssword@ftp.server.com/filePath?vfs.passive=true</parameter> Char Hex Code ------- -------- [space] %20 ...
Post a Comment
Read more