1. Documentation
2. 10.2 (Latest)10.110.09.109.99.89.79.69.59.49.39.29.19.08.28.18.07.6
3. Server
4. Configure
5. Users groups
6. Encrypting local-security value

Encrypting local-security value

The values of yourlocal-security.propertiescan be encrypted in order to better protect yourLDAP/SAMLconfiguration.

The following steps have to be followed in the order they are presented. If you place an encrypted value in the properties file without configuring the appropriate setting, Server will fail to start.

Configure the Server Settings

First you need to create a new Server property that will contain your encryption key. Your new property should be calledcom.rapidanalytics.encryption.keyand the value should be whatever encryption key you choose.

Your settings page should look similar to the one above. Replace "secret" with your encryption key. You can find more info about Modifying System Settingshere.

Encrypt the value

In order to encrypt the value you need to download and extract thejasypt utility.

After downloading and extracting, navigate to the\ binfolder. We will be using theencryptutility. From the command line, use the encrypt utility as shown below.

ReplacePROPERTYwith the value of the property you want to encrypt, andENCRYPTION_KEYwith the key you defined in the Server Settings.

.\encrypt input=PROPERTY password=ENCRYPTION_KEY algorithm=PBEWithMD5AndTripleDES ----ENVIRONMENT----------------- Runtime: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 25.102-b14 ----ARGUMENTS------------------- algorithm: PBEWithMD5AndTripleDES input: PROPERTY password: secret ----OUTPUT---------------------- aXl9Hfj3gIt7jpHN2MUINmHj33/cGAHL

ReplacePROPERTYwith the value of the property you want to encrypt, andENCRYPTION_KEYwith the key you defined in the Server Settings.

Open yourlocal-security.propertiesfile and replace the property value you encrypted with the Output string, surrounded byENC(xxxxxx). For example:

ldap.password=changeit

Becomes:

ldap.password=ENC(aXl9Hfj3gIt7jpHN2MUINmHj33/cGAHL)

After this, you can restart Server, and if properly configured, yourLDAP/SAMLconnection should work as expected. If you still have not configured yourLDAP/SAMLconnection, you can learn how to configureLDAP hereandSAML here.