on Jun 14, 2016Article Content
| Article Number | 000027362 |
| Applies To | Authentication Manager 7.1 SDK |
| Issue | Use encrypted connection properties in SDK client code Sample code uses Command Client username, password, provider URL, and JNDI information stored in the clear. |
| Resolution | Encrypting and decrypting connection properties is left up to the SDK client implementer. Assuming the connection properties are stored as encrypted data in a file specified by a CommandClientAppContextOverrides.xml file the implementer must then create their own class that implements the ConnectionInfoProvider interface. To be invoked by the SDK connection code, the class must be referenced in the CommandClientAppContextOverrides.xml file ConnectionInfoProvider bean definition (instead of com.rsa.command.PropertiesConnectionInfoProvider). For example:
package com.mycompany.client;
public class MyProvider implements com.rsa.command.ConnectionInfoProvider {
private String propertiesFile = null; //using a file to store the properties
public void setPropertiesFile(String propertiesFile) { //invoked by Spring framework if specified in bean definition
this.propertiesFile = propertiesFile; } public String getStringValue(String key) {
String prop = null; //retrieve (and decrypt) the specified property from propertiesFile return prop; }
} |
| Notes | The bean definition in CommandClientAppContextOverrides.xml would then be: ... <!-- | Override the definition of ConnectionInfoProvider |--> <bean name="ConnectionInfoProvider" class="com.mycompany.client.MyProvider" lazy-init="false"> <property name="propertiesFile" value="config.properties"/> </bean> ... |
| Legacy Article ID | a47682 |