Posted by on

 


 

Introduction:

Securing information is at most important in any organization or any industry. Coming to MuleSoft there are many properties we must encrypt in our Mule application. For example, database passwords, Salesforce Username and password, Client Credentials, etc.

Data is stored in the property file as key value pair. This property file can store information like User name, Password and other sensitive data. After storing these data in the property file, we need encryption to restrict unauthorised access and to protect the data. To do this we are using the MuleSoft’s Secure Configuration Property.

Secure Properties Tool:

In order to encrypt the data, we need to use the Secure Properties Tool.

Download Secure Properties Tool JAR from the using below link.

https://docs.mulesoft.com/downloads/mule-runtime/4.2/secure-properties-tool.jar

Encrypt: Using this command encrypt the data

                        
                      java -cp secure-properties-tool.jar com.mulesoft.tools.SecurePropertiesTool

This command used for the encrypting data: Algorithm- Blowfish, mode-CBC,

key-mani, value-username & password

java -cp secure-properties-tool.jar com.mulesoft.tools.SecurePropertiesTool string encrypt Blowfish  CBC mani Pa*****d

            

         Dev.propertie file

            Here we are encrypting Host,port,username,password

Secure propertie flow

    • Drag and drop HTTP Listener and configure it. 
    • Use database select component and configure it.
    • Drag and drop a transform message to transforming data into JSON format

 


 After encryption

If you cannot see the Secure Configuration Property option then please do following

         1.     Click search in exchange

         2.     Type -secure

         3.     Click Mule Secure Configuration Add into select modules.

 Add the Mule Secure Configuration Property module and Click Finish.

Secure Properties Config

Go back to Global properties and search for secure properties config.

Provide the correct key and encrypt algorithm (choose the secure properties file)

Database Config

To read secure properties in Database Config – ${secure::db.username} etc.

Run the project.

Conclusion using API client test application

                 url:  http://localhost:8081/db

                 Method: GET   

    • We will get the response from the database “existing user data”. 

 

Reference

https://docs.mulesoft.com/mule-runtime/4.3/secure-configuration-properties

Comments

Post a Comment