Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


On this page:
Panel
Note

The ability to use encrypted passwords with WAR or ZIP files delivered in CAST Dashboards ≥ 2.0 is currently not supported.


Panel

Table of Contents


Info

Summary: this page describes how to encrypt logins and passwords for the CAST dashboards/RestAPI:

  1. when connecting to CAST Storage Service/PostgreSQL
  2. when configuring LDAP authentication

...

Encrypting access to CAST Storage Service/PostgreSQL

Info
Note that in WARs delivered in CAST AIP ≥ 8.3.4 and all CAST Dashboard Packages, database Database server credential encryption is only supported for Dashboards deployed on Apache Tomcat 8 or above.

...

When configuring access to an LDAP server for authentication, an LDAP user and service account login and password must be specified in thesecurity.properties file in clear text as described in User authentication:

...

When successfully authenticated, you now need to enter the credentials (service account login and password) for your LDAP server ( that you would ordinarily enter into the security.properties file for configuring LDAP mode) , and that you wish to encrypt. In the example below, we have entered the required LDAP credentials:

Info

Note that

if you previously entered the username in the format "username@domain.company.com" (as oppose to "username") in the security.properties file, you MUST also enter the username in the format "username@domain.company.com" here.

the encryption key combines the values assigned to the following lines in the security.properties file:

Code Block
security.ldap.account.dn=cn=serviceaccount,dc=example,dc=com
security.ldap.account.password=password

Therefore, you must enter in the "username" and "password" fields in the encryption tool EXACTLY what is entered in the "security.ldap.account.dn=" and "security.ldap.account.password=" lines in the security.properties file. For example, if the security.properties file contains:

Code Block
security.ldap.account.dn=CN=myserviceaccount,DC=example,DC=com
security.ldap.account.password=mypassword

...then you need to enter exactly the same in the following fields:

Image Added

Now click the Encrypt button - CAST will then generate a key that relates to the credentials you entered:

...