Managing Encrypted Passwords in Release
Release provides a mechanism to automatically encrypt passwords and enables you to refer to them, so you do not need to store third-party passwords in plain text in configuration files.
To declare a new third-party password:
To automatically encrypt passwords:
- Add the password to the
XL_RELEASE_SERVER_HOME/conf/xl-release-server.conf
file:third.party.password=value
The key must end with .password
.
-
Restart Release. The password will automatically be encrypted in the
xl-release-server.conf
file.third.party.password={aes\:v0}vEWwVYoSXqKXW+1Zro5u4KwFiMfsQJ0TJBeTsmtXgv8\=
-
Use the password in Spring configuration files. For example, if you declare
ldap.xlrelease.password
in thexl-release-server.conf
file, then you can use it in theXL_RELEASE_SERVER_HOME/conf/xl-release-security.xml
file:<bean id="ldapServer" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<property name="password" value="${ldap.xlrelease.password}"/>
...
</bean>
Using the password in an Integration plugin
This example shows you how to use the password in your plugin.
To begin, you need to add two classes to the plugin:
com.xebialabs.xlrelease.config.XlrConfig
com.xebialabs.deployit.util.PasswordEncrypter
The XlrConfig
class allows you to access the password value stored in the xl-release-server.conf
file. Whereas, the PasswordEncrypter
class enables you retrieve the password in plain text.
To use the passwords in your plugin script:
- Add the password to the release-server.conf file :
acme.password=somepassword
- When you restart the server, the password will be stored as an encrypted string. For example:
acme.password={aes\:v0}vEWwVYoSXqKXW+1Zro5u4KwFiMfsQJ0TJBeTsmtXgv8\=
- To retrieve the encrypted password value:
myTemp = XlrConfig.getInstance().getConfig(“acme.password”);
- To retrieve the plain text password value:
myClearPassword = PasswordEncrypter.getInstance().decrypt(myTemp);