https://connect.hyland.com/t5/alfresco-archive/encrypted-password-for-databases/m-p/255822#M208952 <HTML><HEAD></HEAD><BODY><SPAN>You can't encrypt the alfresco-global.properties file.&nbsp; </SPAN><BR /><BR /><SPAN>The first line of defence is to ensure that only a limited number of people can read the alfresco config files.</SPAN><BR /><SPAN>And DBAs will typically also restrict which machines can use the alfresco oracle account.</SPAN><BR /><SPAN> </SPAN><BR /><SPAN>If its important to you then you will need to store the credentials or the resource definition elsewhere e.g. as a resource in your app server.&nbsp;&nbsp;&nbsp; </SPAN><BR /><BR /><SPAN>You can probably also plug in some code to pull the oracle key from a keystore.&nbsp;&nbsp;&nbsp;&nbsp; e.g </SPAN><A href="http://stackoverflow.com/questions/4196545/hide-datasource-password-in-spring-xml-file" rel="nofollow noopener noreferrer">http://stackoverflow.com/questions/4196545/hide-datasource-password-in-spring-xml-file</A><BR /><BR /><SPAN>So,&nbsp; there are many options,&nbsp; but its not usually neccessary.</SPAN></BODY></HTML> Tue, 04 Sep 2012 09:44:28 GMT mrogers 2012-09-04T09:44:28Z https://connect.hyland.com/t5/alfresco-archive/encrypted-password-for-databases/m-p/255821#M208951 I configured alfresco to use Oracle&nbsp; (http://wiki.alfresco.com/wiki/Database_Configuration#Oracle_example)I was wondering, how can I encrypt this password (db.password) in alfresco-global.properties file.? Regards Tue, 04 Sep 2012 04:54:08 GMT https://connect.hyland.com/t5/alfresco-archive/encrypted-password-for-databases/m-p/255821#M208951 mrsaqib 2012-09-04T04:54:08Z https://connect.hyland.com/t5/alfresco-archive/encrypted-password-for-databases/m-p/255822#M208952 <HTML><HEAD></HEAD><BODY><SPAN>You can't encrypt the alfresco-global.properties file.&nbsp; </SPAN><BR /><BR /><SPAN>The first line of defence is to ensure that only a limited number of people can read the alfresco config files.</SPAN><BR /><SPAN>And DBAs will typically also restrict which machines can use the alfresco oracle account.</SPAN><BR /><SPAN> </SPAN><BR /><SPAN>If its important to you then you will need to store the credentials or the resource definition elsewhere e.g. as a resource in your app server.&nbsp;&nbsp;&nbsp; </SPAN><BR /><BR /><SPAN>You can probably also plug in some code to pull the oracle key from a keystore.&nbsp;&nbsp;&nbsp;&nbsp; e.g </SPAN><A href="http://stackoverflow.com/questions/4196545/hide-datasource-password-in-spring-xml-file" rel="nofollow noopener noreferrer">http://stackoverflow.com/questions/4196545/hide-datasource-password-in-spring-xml-file</A><BR /><BR /><SPAN>So,&nbsp; there are many options,&nbsp; but its not usually neccessary.</SPAN></BODY></HTML> Tue, 04 Sep 2012 09:44:28 GMT https://connect.hyland.com/t5/alfresco-archive/encrypted-password-for-databases/m-p/255822#M208952 mrogers 2012-09-04T09:44:28Z https://connect.hyland.com/t5/alfresco-archive/encrypted-password-for-databases/m-p/255823#M208953 <HTML><HEAD></HEAD><BODY><SPAN>Thanks mrogers for the prompt reply. </SPAN><BR /><BR /><SPAN>I know we can't encrypt the whole alfresco-global.properties file, my concern is only with the "password" property. For the client I am working with, has a strict policy, so I can't store any password as a plain text. </SPAN><BR /><BR /><SPAN>Can I encrypt the password in the alfresco-global.properties file and through some code decrypt it so that alfresco can use it?</SPAN></BODY></HTML> Tue, 04 Sep 2012 12:03:54 GMT https://connect.hyland.com/t5/alfresco-archive/encrypted-password-for-databases/m-p/255823#M208953 mrsaqib 2012-09-04T12:03:54Z https://connect.hyland.com/t5/alfresco-archive/encrypted-password-for-databases/m-p/255824#M208954 <HTML><HEAD></HEAD><BODY><SPAN>Yes.&nbsp;&nbsp; Or you can use spring instead and inject your own password handling stuff, That's what the linked example above does.&nbsp;&nbsp; </SPAN><BR /><SPAN>However at that point your values will not be persisted across a cluster.</SPAN></BODY></HTML> Tue, 04 Sep 2012 12:13:52 GMT https://connect.hyland.com/t5/alfresco-archive/encrypted-password-for-databases/m-p/255824#M208954 mrogers 2012-09-04T12:13:52Z https://connect.hyland.com/t5/alfresco-archive/encrypted-password-for-databases/m-p/255825#M208955 <HTML><HEAD></HEAD><BODY><SPAN>Thanks..</SPAN><BR /><BR /><SPAN>I tried to modify org.alfresco.config.JndiPropertiesFactoryBean file, but exceptions are like:</SPAN><BR /><BR /><STRONG>Name lucene.indexer.writerMergeFactor is not bound in this Context.</STRONG><BR /><BR /><SPAN>Any Suggestion..?</SPAN></BODY></HTML> Wed, 05 Sep 2012 13:11:02 GMT https://connect.hyland.com/t5/alfresco-archive/encrypted-password-for-databases/m-p/255825#M208955 mrsaqib 2012-09-05T13:11:02Z