How to setup encryption of the passwords in Talend Studio

 Overview

Whether from a company or from an individual, passwords are always critical assets that should not be shared. You may ask for a way to hide the passwords in Talend Studio so that the passwords are not exposed to others. This article shows how to setup encryption of the passwords with ROT13 algorithm.

Environment

This procedure was written with:

  • Talend Open Studio for Data Integration 5.2.0 r92826.
  • JDK version: Sun JDK build 1.6.0_26-b03
  • Operating system: Windows XP SP3
  • Mysql 5.0.67-community-nt

Talend verified this procedure to be compatible with all versions of Talend Studio.

Procedure

Encrypt the password with ROT13 algorithm

In this example, we will use ROT13 algorithm to encrypt the password, refer to the wiki article about ROT13 algorithm to transform your real password to an encryption string. For example, my password for a Mysql connection is "talend", it can be transformed to "gnyraq" with ROT13 algorithm.

Create custom routine

In Talend Studio, open Repository view, expand Code node and right click on Routines to create a new routine named as "MyRoutine" (for example), add a new function named "decrypt" that we use decryption mechanism of ROT13 algorithm to decrypt the encryption string of the password. The code of the function is read as below:

public class MyRoutine {
    public static String decrypt(String encryptedPassword) {
        StringBuffer output = new StringBuffer();
        // Can be any complex algorithm (SHA, DES etc)
        // Here we chose a very simple decryption mechanism, ROT13
        for (int i = 0; i < encryptedPassword.length(); i++) {
            char c = encryptedPassword.charAt(i);
            if (c >= 'a' && c <= 'm')
                c += 13;
            else if (c >= 'A' && c <= 'M')
                c += 13;
            else if (c >= 'n' && c <= 'z')
                c -= 13;
            else if (c >= 'N' && c <= 'Z')
                c -= 13;
            output.append(c);
        }
        return output.toString();
    }
}

 

Create demo Job

Create a new Job and name it as EncryptPasswordWithR0T13Demo. In this Job, we use a tMysqlInput to read data from a table called person from the database (it can be configured to read data from any a table in your case) and print the result on the console with tLogRow component. The Job design is as below:

Open Contexts view, create a variable and name it as password, String type. 

Click Values as table tab, and set its default value with the encryption string which you have transformed the real password with ROT13 algorithm, in this case, it is "gnyraq".

In the basic settings panel of tMysqlInput_1, configure the Password parameter by calling the custom routine function MyRoutine.decrypt(context.password).

Icon

The demo Job and custom routine are also available in the Related Filessection of this article.

 

Execute the Job to check the DB connection 

Execute the Job to check whether it is able to connect to the database and read data from it. If the Job runs fine and has result printed on the console, means the DB parameters are configured well on tMysqlInput_1, otherwise, the Job will die and throw the exception, can be read as below:

Exception in component tMysqlInput_1
java.sql.SQLException: Access denied for user 'root'@'localhost' (using password: YES)
	at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1075)

This error indicates the authentication is not right for the DB connection. To resolve it, you need to check the following items

  1. Make sure you have the right username/password for the DB connection before you encrypt the password with ROT13 algorithm.
  2. Check you have transformed the right encryption string from your real password.
  3. You have defined the default value of context variable with encryption string.
Version History
Revision #:
1 of 1
Last update:
‎04-17-2017 04:51 PM
Updated by:
 
Labels (1)
Contributors