When WSO2 ESB and WSO2 MB integrated together, we need to specify the connection url at ESB side, so that it can connect to Message Broker. For that we use following configuration file.
[ESB_HOME]/repository/conf/jndi.properties
Issue here is this connection url contains credentials to connect to broker. Hence, the server admins would not like to specify it pain text. To get over with this concern and encrypt it, we can use encryption.
We cannot use cipertool to automate encryption process for the selected elements in the jndi.properties file, because we can only specify Xpath notation here, but still we can use the manual process.
[ESB_HOME]/repository/conf/jndi.properties
Issue here is this connection url contains credentials to connect to broker. Hence, the server admins would not like to specify it pain text. To get over with this concern and encrypt it, we can use encryption.
We cannot use cipertool to automate encryption process for the selected elements in the jndi.properties file, because we can only specify Xpath notation here, but still we can use the manual process.
Sample [ESB_home]/repository/conf/jndi.properties file. Here admin:admin is the username and password to connect to Message Broker.
# register some connection factories # connectionfactory.[jndiname] = [ConnectionURL] connectionfactory.QueueConnectionFactory = amqp://admin:admin@clientID/carbon?brokerlist ='tcp://localhost:5672' # register some queues in JNDI using the form # queue.[jndiName] = [physicalName] queue.MyQueue = example.MyQueue # register some topics in JNDI using the form # topic.[jndiName] = [physicalName] topic.MyTopic = example.MyTopic
-
Go to the [ESB_home]/bin and execute the following command to generate the encrypted value for the clear text password.
sh ciphertool.sh
-
It will prompt following console for input value. Answer: wso2carbon
[Please Enter Primary KeyStore Password of Carbon Server : ]
-
Then it will appear second console for following input value.
(Answer: According to our property file, the plain text is "amqp://admin:admin@clientID/carbon?brokerlist='tcp://localhost:5672'".)
Encryption is done Successfully Encrypted value is :cpw74SGeBNgAVpryqj5/xshSyW5BDW9d1UW0xMZDxVeoa6xS6CFtU +ESoR9jRjyA1JRHutZ4SfzfSgSzy2GQJ/2jQIw70IeT5EQEAR8XLGaqlsE5IlNoe9dhyLiPXEPRGq4k/BgU QDYiBg0nU7wRsR8YXrvf+ak8ulX2yGv0Sf8=
-
Open the cipher-text.properties file, which is under [ESB_home]/repository/conf/security and add the following entry.
connectionfactory.QueueConnectionFactory=cpw74SGeBNgAVpryqj5/xshSyW5BDW9d1UW0xMZ DxVeoa6RjyA1JRHutZ4SfzfSgSzy2GQJ/2jQIw70IeT5EQEAR8XLGaqlsE5IlNoe9dhyLiPXEPRGq4k/BgUQD YiBg0nU7wRsR8YXrvf+ak8ulX2yGv0Sf8=
-
Open the [ESB_home]/repository/conf/jndi.properties file and update the key/value of connectionfactory field.
connectionfactory.QueueConnectionFactory=secretAlias:connectionfactory.QueueConnectionFactory
No comments:
Post a Comment