
Document information

Document ID: 2183
Subject: Encrypting user passwords when using an RDBMS
Creation date: 9/26/12 1:26 PM
Last modified on: 11/12/18 12:15 PM


Encrypting user passwords when using an RDBMS

You can use an RDBMS to store user information in Syncrify. Along with user names and other configuration parameters, each user's password is stored in the table. The password, however, is stored in clear text, so anyone with access to the table can see it.

The password is stored in clear text by design. Imagine you are using your own website to add, modify and delete users. Both Syncrify and your website can view and modify data in this table only if the password is in clear text or both systems use the same algorithm to encrypt and decrypt the password.

There are two options if you decide to encrypt these passwords:

Default encryption
This method is less work but is also less flexible. It only works if the build number of Syncrify server is 688 or higher. It uses a built-in encryption method which encrypts and decrypts passwords. Follow the steps below to use this method.
  • Stop Syncrify
  • Locate the AppConfig.xml file in the $INSTALL_DIR\config folder and open it in any editor
  • Add a new parameter line with the following text.
    <parameter name="client.plugin.password.encryptor" type="1" value="Synametrics"></parameter>
    After modification the AppConfig.xml file should look something like:



  • Save the file
  • Restart Syncrify
  • Modify every user in Syncrify and without changing the value for the password, save the screen. This will encrypt the password in the database.
Since you neither know the algorithm used nor have the encryption key, no other system can decrypt the stored password.
Custom encryption
Custom encryption allows you to write your own code. The algorithm in this code can be used on multiple systems, for example your website and Syncrify, to encrypt and decrypt passwords. Follow the steps below to use this method.
  • Code must be written in Java
  • All you need is one class file that implements this interface.
  • You can use SyncrifyServer.jar file in your CLASSPATH during compilation, which already has this file in it.
  • Once your code is compiled, compress the .class files in a JAR file and place that JAR file in $INSTALL_DIR/libs folder.
  • Once done, modify the AppConfig.xml file with the following line:
    <parameter name="client.plugin.password.encryptor" type="1" value="com.xyz.YourClassName"></parameter>
    Replace com.xyz.YourClassName with the actual class name.
  • Save the file
  • Restart Syncrify
  • Modify every user in Syncrify and without changing the value for the password, save the screen. This will encrypt the password in the database.



