Institutions wishing to bootstrap their databases, and encrypt sensitive values afterwards will find great value in the
post-load-encrypt target provided in
The import tool provided with the distribution does not handle encryption of data. It takes the values in the XML files and inserts them literally into the database. So, if you have data which needs to be encrypted, you can either pre-encrypt it before creating the XML files (or insert using your own mechanism/tools) or use this post-load encryption process.
Usage of the target is very straightforward:
.propertiesfile must be created, that lists all of the attributes of a given class that must be encrypted. See the example file below.
- All properties to be encrypted must have
conversion="org.kuali.core.util.OjbKualiEncryptDecryptFieldConversion"as part of their
<field-descriptor>in OJB. (You will be told if this is not the case.)
- The path to the newly-created
.propertiesfile must be listed in the
kuali-build.propertiesfile, for the build target to work properly. See the configuration properties page.
- Using Eclipse or
ant, run the
dist-localtarget, followed by the
post-load-encrypt uses a standard
.properties file to load its set of attributes to encrypt. The format followed is as such: