Striim 4.0.5 documentation

Encrypted passwords

Striim encrypts adapter properties of the type when the adapter is created or altered and decrypts them when providing the values for authentication by a source or target host or service. The cleartext value is not shown in the UI or exported TQL. See also CREATE PROPERTYVARIABLE.

If you are using Oracle JDK 8 or OpenJDK 8 version 1.8.0_161 or later, encryption will be AES-256. With earlier versions, encryption will be AES-128.

To specify a cleartext property in TQL, include Password_encrypted: false in the adapter properties. This will cause the compiler to encrypt the value when the TQL is loaded.

To encrypt a password for use in TQL, use  striim/bin/ <plaintext password>. If you are using a Bash or Bourne shell, characters other than letters, numbers, and the following punctuation marks must be escaped: , . _ + : @ % / -

When exporting TQL, you may protect encrypted passwords by specifying a passphrase, which you will need to provide when importing the TQL. This will allow import to a different Striim cluster. Alternatively, you may export without a passphrase, in which case the encrypted passwords in the exported TQL can be decrypted only when imported to the same cluster.