secure sensitive data with mule credentials vault
Post on 05-Apr-2017
102 Views
Preview:
TRANSCRIPT
Mule Credentials Vault used to encrypt the data in .properties file. Data stored in the properties file as a name-value pair. It can stored various information like username, password, security tokens. This data are very sensitive and required by application at runtime. So you need to store the data in properties file as encrypted data to restrict from unauthorized access and to protect the data use below three ingredients
▪ Mule Credentials Vault.
▪ Global Secure Property Placeholder element .
▪ Key to unlock the vault.
In context on Anypoint Enterprise Security, the property file which stores the encrypted property is know as Mule Credentials Vault.
Placeholders, Keys, and Vaults
In Mule, you can set up several variations of the Placeholder-Vault-Key relationship.
One-to-One-to-One Relationship
One-to-One-to-One relationship is simple. This relationship use one key to decrypts the properties in one property file.
One-to-One-to-Many Relationship
This relationship use one key to decrypts the properties in multiple property file.
Many-to-Many-to-Many Relationship
This relationship use one key to decrypts the properties in only one property file.
Encrypt Properties
First make sure that Anypoint Enterprise Security installed in your Anypoint Studio.
Go to src/main/resoources folder in your mule application and right click it. Select New > File.
In New file wizard, enter the filename security-test.properties. You can enter the filename of your choice but make sure file extension is .properties and click Finish.
If you do not want to encrypt the data, simply click the ok to add new property to properties file. However, if you want to encrypt the data click on Encrypt button. This will open new dialog in which you need to provide Key and select Algorithm that can be used to encrypt the data.
This Key is very important and don't forget the key. The key that you enter to encrypt the properties file is the same key that the administrator enters at runtime. Be sure to keep this key secure and pass it to the administrator(s) who deploys and runs your Mule application.
Click OK to complete the encryption.
In the Add a new property dialog, Studio displays the encrypted value in the Value field (see below). Click OK to save the property.
Repeat all the above steps to add more properties in property file.
Set Global Secure Property Placeholder
Under Global Mule Configuration, create Secure Property Placeholder.
top related