Securing properties in our Project is one of the mandatory things we need to do as part of the best practice. This can be achieved in different ways. In this document we are sharing the possible ways we can achieve this.
There are 3 ways to secure our properties in a file. We are sharing each process in a documented format with the examples.
***Note: For your information, in each method step-3, step-4, step-5 and step-6 are common.
Using cloud Hub(SecurePropertiesgenerator) url:
Step-1: Go to URL Secure Properties Generator (cloudhub.io)
Enter the details of SecurityKey and value, the key should be remembered for further use.
***Key (securing key, used to encrypt or decrypt value) length should be 16 only.
Step-2: Create a property file it may be .properties file or .yaml file to place the properties we have secured in the step-1. It is better to start the file name with secure, hence we could easily identify it as a secured file.
Goto anypoint studio create a file with the format: secure.xxxx.YYY
xxxx—env name
YYYY—yaml or properties
Place the generated value in the file against key and wrap with ![……]
***Note: properties file format is different in case of .properties file and .yaml file. It is your duty to know or google for that.
Step-3: Configure the secure properties config element in global elements.
Go to global elements→Create —>secure properties config
***Note: Pass the key(security key) and value as global property
Step-4: Pass the environment details as global property
Step-5: For any unsecured properties we have in our project, we need to configure configuration properties element as shown below
Step-6: Use the secure properties in the configurations.
Using secure properties JAR file and command prompt(cmd):
Step-1: Download the Secure Properties Tool Jar file using the link below.
Download link: https://docs.mulesoft.com/mule-runtime/4.4/_attachments/secure-properties-tool.jar
Keep the file somewhere in C or D Drives, go to that location and open CMD in that location.
CMD is going to open in the targeted directory shown as below,
Step-2: we have commands to encrypt and decrypt any value using the command prompt.
ENCRYPTION:
| java -cp secure-properties-tool.jar com.mulesoft.tools.SecurePropertiesTool string encrypt Blowfish CBC mulesoft “xyz123” |
Understand the Command :
java -cp secure-properties-tool.jar com.mulesoft.tools.SecurePropertiesTool \
<method> \ string/file/file level
<operation> \ encrypt or decrypt
<algorithm> \ Type of algorithm Blowfish/AES/DES
<mode> \ mode of operation CBC/CFB/ECB
<key> \ it may be any value used to encrypt or decrypt
<value> keep the value In “xyz“ (quotes)
DECRYPTION:
| java -cp secure-properties-tool.jar com.mulesoft.tools.SecurePropertiesTool string decrypt Blowfish CBC mulesoft “Q+ITKYJa8yo=” |
Step-3: Configure the secure properties config element in global elements.
Go to global elements→Create —>secure properties config
***Note: Pass the key(security key) and value as global property
Step-4: Pass the environment details as global property
Step-5: For any unsecured properties we have in our project, we need to configure configuration properties element as shown below
Step-6: access the secure properties in the configurations.
Using anypoint studio secure property software module:
(***Note: this method works with .properties file only)
Step-1: We need to install a security module in to our studio.
Use the link to search the required module. http://security-update-site-1.4.s3.amazonaws.com
Continue with the installation process.
Continue with the installation process.
Step-2:
Now go to properties folder in the src/main/resources, right click on the file
Go to open with—>Mule properties editor
It will open the file as shown below, double click on the one of the property name which needs to encrypt or decrypt.
Click on the encrypt or decrypt button, it will pop up a separate window. Select the algorithm and key (which is used to encrypt and decrypt the values). Then click ok.
***Note: key must be 16 characters only.
It performs the encryption or decryption.
***Note: This 2nd step process is the same for encryption and decryption.
Step-3: Configure the secure properties config element in global elements.
Go to global elements→Create —>secure properties config
***Note: Pass the key(security key) and value as global property
Step-4: Pass the environment details as global property
Step-5: For any unsecured properties we have in our project, we need to configure configuration properties element as shown below
Step-6: access the secure properties in the configurations.
Install the Extension Module (Mule Secure Configuration element):
If Mule Secure Configuration element is not available in our Mule Palette, we need to download it from the exchange
- Open your Mule project in Anypoint Studio.
- Go to the Mule Palette section.
- Click Search in Exchange.
- In the Add Module to Project window, search for Mule Secure Configuration Property Extension in the Type a search term to look up in the Exchange box.
- Select the module name in the list.
- Click Add and then Finish.
