The ability to use encrypted passwords with WAR or ZIP files delivered in CAST Dashboards ≥ 2.0 is currently not supported.
Summary: this page describes how to encrypt logins and passwords for the CAST dashboards/RestAPI:
Encrypting access to CAST Storage Service/PostgreSQL
|Note that in WARs delivered in CAST AIP ≥ 8.3.4 and all CAST Dashboard Packages, database Database server credential encryption is only supported for Dashboards deployed on Apache Tomcat 8 or above.|
When configuring access to an LDAP server for authentication, an LDAP user and service account login and password must be specified in thesecurity.properties file in clear text as described in User authentication:
When successfully authenticated, you now need to enter the credentials (service account login and password) for your LDAP server ( that you would ordinarily enter into the security.properties file for configuring LDAP mode) , and that you wish to encrypt. In the example below, we have entered the required LDAP credentials:
Note thatif you previously entered the username in the format "firstname.lastname@example.org" (as oppose to "username") in the security.properties file, you MUST also enter the username in the format "email@example.com" here.
the encryption key combines the values assigned to the following lines in the security.properties file:
Therefore, you must enter in the "username" and "password" fields in the encryption tool EXACTLY what is entered in the "security.ldap.account.dn=" and "security.ldap.account.password=" lines in the security.properties file. For example, if the security.properties file contains:
...then you need to enter exactly the same in the following fields:
Now click the Encrypt button - CAST will then generate a key that relates to the credentials you entered: