Hyland Connect

mrsaqib · ‎09-04-2012

I configured alfresco to use Oracle (http://wiki.alfresco.com/wiki/Database_Configuration#Oracle_example)

I was wondering, how can I encrypt this password (db.password) in alfresco-global.properties file.?

Regards

mrogers · ‎09-04-2012

You can't encrypt the alfresco-global.properties file.

The first line of defence is to ensure that only a limited number of people can read the alfresco config files.
And DBAs will typically also restrict which machines can use the alfresco oracle account.

If its important to you then you will need to store the credentials or the resource definition elsewhere e.g. as a resource in your app server.

You can probably also plug in some code to pull the oracle key from a keystore. e.g http://stackoverflow.com/questions/4196545/hide-datasource-password-in-spring-xml-file

So, there are many options, but its not usually neccessary.

mrsaqib · ‎09-04-2012

Thanks mrogers for the prompt reply.

I know we can't encrypt the whole alfresco-global.properties file, my concern is only with the "password" property. For the client I am working with, has a strict policy, so I can't store any password as a plain text.

Can I encrypt the password in the alfresco-global.properties file and through some code decrypt it so that alfresco can use it?

mrogers · ‎09-04-2012

Yes. Or you can use spring instead and inject your own password handling stuff, That's what the linked example above does.
However at that point your values will not be persisted across a cluster.

mrsaqib · ‎09-05-2012

Thanks..

I tried to modify org.alfresco.config.JndiPropertiesFactoryBean file, but exceptions are like:

Name lucene.indexer.writerMergeFactor is not bound in this Context.

Any Suggestion..?

Hyland Connect

Encrypted password for databases