Integration & IT Modernization

Mule Enterprise Security- Password Encryption Steps

Every project needs to store passwords to access some resources, such as DB, network accounts etc.  Mule uses java properties to store the passwords. Since property files are in text format, we need to encrypt these passwords.

There are two ways to do this with Mule. One method is to use pure java solution, the other is to use Mule enterprise security package. This post describes the latter with step by step instructions.

Install

Please reference https://docs.mulesoft.com/mule-user-guide/v/3.6/installing-anypoint-enterprise-security for Enterprise Security install. Here are screen shots.

image1

encrypt-image2encrypt-image3

Edit Properties

After install and restart studio, right click on property file and select “Mule Property Editor” to open the property file (reference https://docs.mulesoft.com/mule-user-guide/v/3.6/mule-credentials-vault)

encrypt-image4

encrypt-image5

Add properties

encrypt-image6

Encrypt password

Select the master password (for testing, you can select “mule”), this master password will be entered by the admin at runtime for production environment, select BlowFish for Algorithm

encrypt-image7

Add “Property PlaceHolder”

Enter the property file name (custom property files are stored under main/resources):

encrypt-image8 encrypt-image9

Add Security Property PlaceHolder

encrypt-image10

encrypt-image11

Testing In Studio:

Modify mule-app.properties

env=tst

masterkey=mule

 

Testing on ESB server:

Using command line –M-Denv=test –M-Dmasterkey=mule

Run “mule –M-Denv=tst  -M-Dmasterkey=mule

Side Notes:

Warning: I have encountered the situation when “property-placeholder” appeared before “secure-property-placeholder” can cause decryption to fail. Not sure that’s the exact cause…

<secure-property-placeholder:config name=”Secure_Property_Placeholder” encryptionAlgorithm=”Blowfish” key=”${masterkey}” location=”enc-${env}.properties” doc:name=”Secure Property Placeholder”/>

<context:property-placeholder location=”enc-${env}.properties”/>

Thoughts on “Mule Enterprise Security- Password Encryption Steps”

  1. Hi. I followed your guide but I get the following error.
    cvc-complex-type.2.4.a: Invalid content was found starting with element ‘secure-property-placeholder:config’. One of ‘{“http://www.mulesoft.org/schema/mule/co
    re”:annotations, “http://www.mulesoft.org/schema/mule/core”:description, “http://www.springframework.org/schema/beans”:beans, “http://www.springframework.org/schema/beans”:bean, “http://www.springfram
    ework.org/schema/context”:property-placeholder, “http://www.springframework.org/schema/beans”:ref, “http://www.mulesoft.org/schema/mule/core”:global-property, “http://www.mulesoft.org/schema/mule/core
    “:configuration, “http://www.mulesoft.org/schema/mule/core”:notifications, “http://www.mulesoft.org/schema/mule/core”:abstract-extension, “http://www.mulesoft.org/schema/mule/core”:abstract-shared-ext
    ension, “http://www.mulesoft.org/schema/mule/core”:abstract-mixed-content-extension, “http://www.mulesoft.org/schema/mule/core”:abstract-agent, “http://www.mulesoft.org/schema/mule/core”:abstract-secu
    rity-manager, “http://www.mulesoft.org/schema/mule/core”:abstract-transaction-manager, “http://www.mulesoft.org/schema/mule/core”:abstract-shared-transaction-manager, “http://www.mulesoft.org/schema/m
    ule/core”:abstract-connector, “http://www.mulesoft.org/schema/mule/core”:abstract-shared-connector, “http://www.mulesoft.org/schema/mule/core”:abstract-global-endpoint, “http://www.mulesoft.org/schema
    /mule/core”:abstract-exception-strategy, “http://www.mulesoft.org/schema/mule/core”:abstract-flow-construct, “http://www.mulesoft.org/schema/mule/core”:flow, “http://www.mulesoft.org/schema/mule/core”
    :sub-flow, “http://www.mulesoft.org/schema/mule/core”:abstract-model, “http://www.mulesoft.org/schema/mule/core”:abstract-interceptor-stack, “http://www.mulesoft.org/schema/mule/core”:abstract-filter,
    “http://www.mulesoft.org/schema/mule/core”:abstract-transformer, “http://www.mulesoft.org/schema/mule/core”:processor-chain, “http://www.mulesoft.org/schema/mule/core”:custom-processor, “http://www.m
    ulesoft.org/schema/mule/core”:abstract-empty-processor, “http://www.mulesoft.org/schema/mule/core”:invoke, “http://www.mulesoft.org/schema/mule/core”:set-payload, “http://www.mulesoft.org/schema/mule/
    core”:abstract-global-intercepting-message-processor, “http://www.mulesoft.org/schema/mule/core”:custom-queue-store, “http://www.mulesoft.org/schema/mule/core”:abstract-processing-strategy}’ is expect
    ed.

  2. Yuan Meng Post author

    A few questions for you… what’s the full version of your studio? on which step did you get the error? do you have another computer that you can install a new studio and test it?

    I have followed the same steps before, it was working. I just installed on a brand new VM today. I’ll give a try later and let you know.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to the Weekly Blog Digest:

Sign Up
Follow Us
TwitterLinkedinFacebookYoutubeInstagram