Institutions wishing to bootstrap their databases, and encrypt sensitive values afterwards will find great value in the post-load-encrypt
target provided in build.xml
.
The import tool provided with the distribution does not handle encryption of data. It takes the values in the XML files and inserts them literally into the database. So, if you have data which needs to be encrypted, you can either pre-encrypt it before creating the XML files (or insert using your own mechanism/tools) or use this post-load encryption process.
Usage of the target is very straightforward:
- A
.properties
file must be created, that lists all of the attributes of a given class that must be encrypted. See the example file below. - All properties to be encrypted must have
conversion="org.kuali.core.util.OjbKualiEncryptDecryptFieldConversion"
as part of their<field-descriptor>
in OJB. (You will be told if this is not the case.) - The path to the newly-created
.properties
file must be listed in thekuali-build.properties
file, for the build target to work properly. See the configuration properties page. - Using Eclipse or
ant
, run thedist-local
target, followed by thepost-load-encrypt
target.
File Structure
post-load-encrypt
uses a standard .properties
file to load its set of attributes to encrypt. The format followed is as such: