The optional "keystore" element enables you to specify the keystore parameters to use to encode sensitive wagon.xml data.
The element is optional, a wagon.key private key is provided by default in the application's /conf directory.
This file can be externalised in the form of a URL-type JNDI resource via the url/adeliaWagonKey alias.
<keystore file="java:comp/env/url/wagonKeystore"> <parameters> <item key="keyStoreType" value="jks" /> <item key="keystorePassword" value="kspass" /> <item key="keyAlias" value="test" /> <item key="keyPassword" value="keypass" /> </parameters> </keystore> |
The "file" attribute indicates:
The keystore parameters are provided via a list of parameters ("parameters" section) and can take the following values:
Please note that, by definition, "keystore" element data cannot be encoded, the prefix {RSA} cannot appear in the specified values.
All the keystore parameters may be specified via Java system properties (-Dxxx).
When the system properties are present, they systematically take priority over the wagon.xml configuration.
The data can be configured in the command line using the WagonKeyUtils utility.
The utility parameters are:
For example :
To encode a password with the default parameters:
java -cp "%ADELIWS%\javarun\*" -encode -keyfile pathto\wagon.key textToEncode
Response received:
To use an encoded value in wagon.xml it needs to be prefixed by the {RSA} block:
<userConfiguration driverClassName="oracle.jdbc.driver.OracleDriver" url="jdbc:oracle:thin:@hostname:1521:SID" username="MyUser" password="MyPwd" tableName="WGNSETTINGS"/>
<userConfiguration driverClassName="oracle.jdbc.driver.OracleDriver" url="jdbc:oracle:thin:@hostname:1521:SID" username="MyUser" password="{RSA}NbuFLotGif3x84tycbzsT995n14WYsJssouQSO1/fQcSzyHR4TyFnJXH2m6Xg3cz7hodUcPJYSBawUyg9y4jx8hIXGcy+3HAgg+4HaOleeZOEgF9CIaxu6RxOLZbaqSzfz0e2fSLxzTvSYnV
Vam8Q1DzVXFZZ5GycxPChDWhRs6TYE1jDnedPoouh5k7c2Yt3OAM/ygZp+tsF8XHuL7i5iMW1Y1pDfU9zNIl5VFaO5kNvvTgWs8Vl9v+2+uJOtgyIFIi/mg4ryy89ylMM7pcfleMGlfxkSN95vh/1+/+wtv/lMly03MuFOZfvAJ1vmifgUd6JApBieOV+bCVCuf9YQ==" tableName="WGNSETTINGS"/>
A new private key can be generated with the -generate command for example:
java -cp "%ADELIWS%\javarun\*" -generate pathto\wagon.key
When generating a new key, all the previously created {RSA} tags need to be regenerated. The creation and verification of encoded strings is accessible via http://host[:port]/yourapplication/console/cipher.jsp. |
↑ Top of page |