LDAP/AD password encryption
Follow the steps below to enable LDAP/AD password encryption in Transact. The following files will require changes:
-
server.xml
located at Ephesoft\JavaAppServer\conf\
-
user-connectivity.properties
located at \Ephesoft\Application\WEB-INF\classes\META-INF\dcma-user-connectivity
-
dcma-ftp.properties
located at \Ephesoft\Application\WEB-INF\classes\META-INF\dcma-ftp
Follow these steps:
-
Run encryptor.bat located at:
<Transact Installation Folder>\Application\native\encryption\Encryptor.bat
- Enter the password string that needs to be encrypted.
- Press Enter to access the encrypted password.
- Set the <Transact-application>\WEB-INF\classes\META-INF\dcma-encryption\dcma-encryption.properties to password.use_encryption=true
- Change the className attribute in the following <Realm className="org.apache.catalina.realm.JNDIRealm"/> to <Realm className="com.ephesoft.realm.EphesoftRealm"/> in the server.xml file.
- Enter an encrypted password for the connectionPassword attribute in the <Realm … > tag in the server.xml Example: <Realm className="com.ephesoft.realm.EphesoftRealm" connectionPassword = "mzoanUU1UD0rc1PvexuAKw=="/>.
- Turn on the password.use_encryption property present in the dcma-encyption.properties located at Ephesoft\Application\WEB-INF\classes\META-INF\dcma-encryption.password.use_encryption=true.
- Use an encrypted password for the user.connectivity_password property in the dcma-userconnectivity.properties.user.connectivity_password="mzoanUU1UD0rc1PvexuAKw==".
-
Enter
<!- before and
-> after the following line:
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>.
Do not comment out the </Realm> on the next line.
- Encrypt the user name and password in the following file: \Ephesoft\Application\WEB-INF\classes\META-INF\dcma-ftp.
-
Restart the
Transact
service.
The encryption algorithm and cipher strength used by encryptor.bat from Ephesoft Transact is PBEWithMD5AndDES (56 bits).