Question Regarding Password Encryption

nestordrod Oct 14, 2009 12:51 PM

I followed the instructions in the wiki for encrypting passwords and applied it to the AdminUser password in deploy.properties.

I have a test Java program that opens a JDBC Connection to the embedded server using the AdminUser login and it doesn't recognize the password anymore.

Do I need to add code to the application to encrypt the password on the client side?

1. Re: Question Regarding Password Encryption

rareddy Oct 14, 2009 2:59 PM (in response to nestordrod)

No, you should not have to. On the client side you enter the clear text password, that will be validated against the stored one.
Actions
2. Re: Question Regarding Password Encryption

rareddy Oct 14, 2009 3:43 PM (in response to nestordrod)

Upon debugging I saw that in the "embedded" deployment the the CryptoUtil.java file which loads the keystore file was loaded with "client" application class loader (as this class is in the teiid-jdbc.jar), however the "deploy" directory where the keystore file is loaded by another class loader. So, CyrptoUtil class is not finding the the keystore and treating as if the "encryption" was not enabled. This will work correctly in the Server environment with out any changes.

This can be worked around in "embedded" by putting "teiid.keystore" file your class path, or adding "deploy" directory to the classpath.
Actions
3. Re: Question Regarding Password Encryption

nestordrod Oct 15, 2009 11:45 AM (in response to nestordrod)

Got it.

Adding the deploy folder to the classpath worked. Thanks!
Actions

Go to original post