3 Replies Latest reply on Nov 30, 2010 1:51 AM by davsclaus

    jasypt password encryption

    donaldesb

      Hi,

       

      I have tried the password encryption with jasypt.

      It works, but unfortunately the password was decrypted and shown in the servicemix.log.

       

      Can the auto-decryption be prevented?

       

       

       

      my camel-context.xml contain:

       

           .

           .

       

            

            

           .

           .

            

            

            

      my pwprop.properties contain:

       

           cool.result=ftp://amelia@12.345.67.890/ftp/?password={{cool.password}}

       

           cool.password=ENC(YHbWWmGMDGc+kREF1jTWOA==)

           #cool.password=amelia

        • 1. Re: jasypt password encryption
          davsclaus

          Can you post details where it was logged.

           

          In the Camel codebase we have logic which masks password fields from endpoints, if endpoints are logged.

           

          So we need to know exactly there its logged and presented in clear-text.

           

          What version of SMX and Camel are you using?

          • 2. Re: jasypt password encryption
            donaldesb

            Hi davsclaus,

             

            I am using apache-servicemix-4.2.0-fuse-02-00 and

             

            indicated in the pom.xml is <camel-version>2.5.0</camel-version>

             

             

            This appear in the servicemix.log where the password had been auto decrypted:

             

            10:37:58,882 | INFO  | 4: FileComponent | RemoteFileProducer               | t.file.remote.RemoteFileProducer  175 | Connected and logged in to: Endpoint\[ftp://amelia@12.345.67.890/ftp/?password=amelia\]

            • 3. Re: jasypt password encryption
              davsclaus

              There is no official releases of Fuse ESB which provides Camel 2.5 or better.

               

              I think there is a Fuse ESB 4.3.1 planned which will use Camel 2.5 or better.