cancel
Showing results for 
Search instead for 
Did you mean: 

Encrypted password for databases

mrsaqib
Champ in-the-making
Champ in-the-making
I configured alfresco to use Oracle  (http://wiki.alfresco.com/wiki/Database_Configuration#Oracle_example)

I was wondering, how can I encrypt this password (db.password) in alfresco-global.properties file.?

Regards
4 REPLIES 4

mrogers
Star Contributor
Star Contributor
You can't encrypt the alfresco-global.properties file. 

The first line of defence is to ensure that only a limited number of people can read the alfresco config files.
And DBAs will typically also restrict which machines can use the alfresco oracle account.

If its important to you then you will need to store the credentials or the resource definition elsewhere e.g. as a resource in your app server.   

You can probably also plug in some code to pull the oracle key from a keystore.     e.g http://stackoverflow.com/questions/4196545/hide-datasource-password-in-spring-xml-file

So,  there are many options,  but its not usually neccessary.

mrsaqib
Champ in-the-making
Champ in-the-making
Thanks mrogers for the prompt reply.

I know we can't encrypt the whole alfresco-global.properties file, my concern is only with the "password" property. For the client I am working with, has a strict policy, so I can't store any password as a plain text.

Can I encrypt the password in the alfresco-global.properties file and through some code decrypt it so that alfresco can use it?

mrogers
Star Contributor
Star Contributor
Yes.   Or you can use spring instead and inject your own password handling stuff, That's what the linked example above does.  
However at that point your values will not be persisted across a cluster.

mrsaqib
Champ in-the-making
Champ in-the-making
Thanks..

I tried to modify org.alfresco.config.JndiPropertiesFactoryBean file, but exceptions are like:

Name lucene.indexer.writerMergeFactor is not bound in this Context.

Any Suggestion..?