Blake

Reputation: 374

jasypt spring hibernate - what password is what?

I'm trying to use jasypt to encrypt some passwords in our properties file. I'm following the guide on the jasypt website, but I think I'm messing up something with the passwords. I'm hoping someone here can tell me whether I'm doing it right or doing it wrong. Right now, when I start up my JBoss server I get an "invalid username/password" error when it tries to hit the database. Either the decrypt is failing or my setup is wrong. Here is how things are set up.

I generated my encrypted password as follows:

c:\jasypt-1.9.2\bin\encrypt input=mydbpassword password=password   
----ENVIRONMENT----------------

Runtime: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 24.45-b08

-----ARGUMENTS-----------------
input: mydbpassword
password: password

------OUTPUT-------------------
N6Wz+z6fI24MagR5A4xNoH4gMh75Vo0

Question #1: I'm assuming my database password goes in the "input". If so, then what is the password field used for?

My persistence.xml:

<property name="connection.provider_class" value="org.jasypt.hibernate.connectionprovider.EncryptedPasswordDriverManagementConnectionProvider" />
<property name="connection.encryptor_registered_name" value="configurationHibernateEncryptor" />

My Spring Bean:

<bean id="hibernateStringEncryptor"
      class="org.jasypt.hibernate4.encryptor.HibernatePBEStringEncryptor">
    <property name="registeredName">
        <value>strongHibernateStringEncryptor</value>
    </property>
    <property name="algorithm">
        <value>PBEWithMD5AndTripleDES</value>
    </property>
    <property name="password">
        <value>password</value>
    </property>
</bean>

Question #2: I'm assuming the "password" field from the encrypt command goes here? I can't imagine my DB password goes here, since that defeats the purpose of the encryption. But then again, the docs really didn't say what that value was or is.

Thanks to anyone who can help!

-Blake

Upvotes: 0

Views: 1030

Answers (1)

sura2k

Reputation: 7517

You should provide the algorithm as well.

c:\jasypt-1.9.2\bin\encrypt input=mydbpassword password=password algorithm=PBEWithMD5AndTripleDES

Refer: http://www.jasypt.org/cli.html#Listing_algorithms

To work with PBEWithMD5AndTripleDES, you need to install the JCE Unlimited Strength Jurisdiction Policy into your JDK.

The password parameter is the encryption key, which is what you need to decrypt your password into plain text.

Upvotes: 1
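
The roles of `input`, `password` and `algorithm` discussed above, as an added example that is not part of the question or the answer. It uses jasypt's `StandardPBEStringEncryptor` and assumes the jasypt jar is on the classpath; the class name `JasyptKeyDemo` and the helper names are made up for this illustration. It shows that a ciphertext produced without an `algorithm` argument (jasypt then uses PBEWithMD5AndDES) decrypts only with the same key and the same algorithm.

```java
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.jasypt.exceptions.EncryptionInitializationException;
import org.jasypt.exceptions.EncryptionOperationNotPossibleException;

public class JasyptKeyDemo {

    // Builds an encryptor from the same two settings the CLI and the Spring
    // bean take: "password" is the PBE key, "algorithm" selects the cipher.
    static StandardPBEStringEncryptor encryptor(String key, String algorithm) {
        StandardPBEStringEncryptor e = new StandardPBEStringEncryptor();
        e.setPassword(key);
        if (algorithm != null) {
            e.setAlgorithm(algorithm); // when unset, jasypt uses PBEWithMD5AndDES
        }
        return e;
    }

    // True only if the ciphertext decrypts back to the expected secret.
    static boolean decryptsTo(StandardPBEStringEncryptor e, String ciphertext, String expected) {
        try {
            return expected.equals(e.decrypt(ciphertext));
        } catch (EncryptionOperationNotPossibleException | EncryptionInitializationException ex) {
            return false; // wrong key, wrong algorithm, or algorithm unavailable in this JDK
        }
    }

    public static void main(String[] args) {
        String dbPassword = "mydbpassword"; // the secret: "input" on the CLI
        String key = "password";            // the encryption key: "password" on the CLI

        // Mirrors the CLI call in the question: no algorithm argument given.
        String ciphertext = encryptor(key, null).encrypt(dbPassword);

        // Same key, same (default) algorithm.
        System.out.println("default algorithm:      "
                + decryptsTo(encryptor(key, null), ciphertext, dbPassword));

        // Same key, but the algorithm configured on the bean in the question.
        System.out.println("PBEWithMD5AndTripleDES: "
                + decryptsTo(encryptor(key, "PBEWithMD5AndTripleDES"), ciphertext, dbPassword));

        // Different key, same algorithm.
        System.out.println("wrong key:              "
                + decryptsTo(encryptor("other", null), ciphertext, dbPassword));
    }
}
```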
