Encrypting Passwords for Use in cache.xml
Apache Geode provides a gfsh utility to generate encrypted passwords.
You may need to specify an encrypted password in
cache.xml when configuring JNDI connections to external JDBC data sources. See Configuring Database Connections Using JNDI for configuration examples.
cache.xml file accepts passwords in clear text or encrypted text.
To generate an encrypted password, use the encrypt password command in
gfsh. The following example shows a sample command invocation and output (assuming
my_password is the actual password for the data source). After you start gfsh, enter the following command:
gfsh>encrypt password --password=my_password AB80B8E1EE8BB5701D0366E2BA3C3754
Copy the output from the
gfsh command to the
cache.xml file as the value of the password attribute of the
jndi-binding tag embedded in
encrypted(), just like a method parameter. Enter it as encrypted, in this format:
To use a non-encrypted (clear text) password, put the actual password as the value of the password attribute of the
jndi-binding tag, like this: