As part of your ATG application, you may find it useful to encode or encrypt sensitive information that is stored in properties files. Encoding can be performed using the atg.core.util.Base64
class, or another method you prefer.
You must then be able to access the encrypted information. The atg.nucleus.PropertyValueDecoder
class defines a component that can decode the value of properties encoded using Base64 (no other standards are currently supported out of the box). You can use a component of this type if you need to protect properties that should remain encoded until their value is used; for example, DataSource
components can use a PropertyValueDecoder
component to decrypt user and password properties before using them to create a database connection. These sensitive pieces of information are protected in the DataSource
’s .properties file until they’re needed.
To use PropertyValueDecoder
, you must modify your original component to use the decoder for the property you have encoded. Do not make the decoded value visible to any public method or property. The PropertyValueDecoder
’s decode()
method should be called and its return value used directly (apart from type casting). This allows your component to use different implementations of the PropertyValueDecoder
interface without modification.
Out of the box, the atg.service.jdbc.FakeXADataSource
class supports this feature. To use it, create an atg.service.jdbc.SimpleLoginDecoder
component (which implements PropertyValueDecoder
) called MySimpleLoginDecoder
. Set the loginDecoder
property of FakeXADataSource
to MySimpleLoginDecoder
. You can then set the values of the user
and password
properties in FakeXADataSource
with Base64-encoded values, and rely on the decoder to pass the decoded login to the database when connections are created.
If you need more robust security, you might subclass LoginDecoder
and override it’s decode()
methods, or implement your own PropertyValueDecoder
to accommodate that need.