PDI has a basic obfuscation method for making it difficult for casual people to lift passwords for DB connections. I have customers that maintain different versions of a “shared.xml” file that maintain different physical connections to databases (think development, QA/testing, and production).
In order to generate the different shared.xml, a user has to usually (per Matt Casters comment below there is a utility that allows user to do this outside of Spoon) open up PDI, created the connections, save them, and then sometimes copy and paste the sections needed to create their “dev” version of shared.xml or their “production” version of shared.xml. Many times this just to generate the password, as they can hand edit the other pieces (hostname, schema, etc).
I just committed a quick little PDI transformation that gives you the PDI encrypted form of a password.
Happy Password Encrypting!
Nick, Kettle also ships with the Encr program that allows you to obfuscate passwords.
Take care,
Matt
Matt – can you tell that I’ve never used it? 🙂
This customer did want to do several passwords; that can also be done in a bash script or the like as well.
Consider it an example KTR for password obfuscation and another example of how to call Java objects from inside Kettle since that seems to be a recent theme!
Happy Friday!
Cool, with your example and Matt’s answer at pentaho forum -> http://forums.pentaho.org/showthread.php?t=59651 <- I just managed to get the MD5 sum from a list of files:
var md5_hash = ”;
file = new Packages.java.io.File(filename.getString());
fileInputStream = new Packages.java.io.FileInputStream(file);
var content = Packages.org.pentaho.di.core.Const.createByteArray(file.length());
fileInputStream.read(content, 0, file.length());
fileInputStream.close();
md5_hash = Packages.org.apache.commons.codec.digest.DigestUtils.md5Hex(content);
Thanks!!
Via Daniel Einspanjer.. “Kettle has actually had functions in the Calculator step that do file hashes for a while…”.
Please look at the forum above for an example ktr
This is great! Thanks!
I notice that the password encryption doesn’t work for Salesforce steps. Not sure why. Maybe need to log a JIRA…