Skip to main content

Striim Cloud 4.1.0 documentation

Encrypted passwords

Striim encrypts adapter properties of the type when the adapter is created or altered and decrypts them when providing the values for authentication by a source or target host or service. The cleartext value is not shown in the UI or exported TQL. See also CREATE PROPERTYVARIABLE.

If you are using Oracle JDK 8 or OpenJDK 8 version 1.8.0_161 or later, encryption will be AES-256. With earlier versions, encryption will be AES-128.

To specify a cleartext property in TQL, include Password_encrypted: false in the adapter properties. This will cause the compiler to encrypt the value when the TQL is loaded.

To encrypt a password for use in TQL, use  striim/bin/ <plaintext password>. If you are using a Bash or Bourne shell, characters other than letters, numbers, and the following punctuation marks must be escaped: , . _ + : @ % / -

When exporting TQL, you may protect encrypted passwords by specifying a passphrase, which you will need to provide when importing the TQL. This will allow import to a different Striim cluster. Alternatively, you may export without a passphrase, in which case the encrypted passwords in the exported TQL can be decrypted only when imported to the same cluster.