Encrypted passwords
Striim encrypts adapter properties of the type com.webaction.security.Password when the adapter is created or altered and decrypts them when providing the values for authentication by a source or target host or service. The cleartext value is not shown in the UI or exported TQL. See also CREATE PROPERTYVARIABLE.
If you are using Oracle JDK 8 or OpenJDK 8 version 1.8.0_161 or later, encryption will be AES-256. With earlier versions, encryption will be AES-128.
To specify a cleartext property in TQL, include Password_encrypted: false
in the adapter properties. This will cause the compiler to encrypt the value when the TQL is loaded.
To encrypt a password for use in TQL, use striim/bin/passwordEncryptor.sh <plaintext password>
. If you are using a Bash or Bourne shell, characters other than letters, numbers, and the following punctuation marks must be escaped: , . _ + : @ % / -
When exporting TQL, you may protect encrypted passwords by specifying a passphrase, which you will need to provide when importing the TQL. This will allow import to a different Striim cluster. Alternatively, you may export without a passphrase, in which case the encrypted passwords in the exported TQL can be decrypted only when imported to the same cluster.