1 Reply Latest reply: Oct 18, 2012 10:05 AM by Nitin Khare RSS

    Storing a secret string


      Our ATG based site has to make a call to a REST web services located in the cloud (somewhere on the internet). The call only executes when we send a secret api key along with it. This key is configurable. It can change over time. Normally we would store similar configuration strings in ATG nucleus property files. However, in this case, we do not want the key to be stored unencrypted on the file system of the ATG server.

      We are now looking for some sort of vault in which we can store the key. Does anyone happen to know of such a solution? We checked if the Java keystore/keytool could help us but that requires a specific format. Any other suggestions are very welcome.

      Thanks in advance,

        • 1. Re: Storing a secret string
          Nitin Khare
          If you want to encrypt any sensitive information that is stored in a Nucleus component properties file, you can do that by providing an implementation of atg.nucleus.PropertyValueDecoder. Then within your component you can decode the value of encoded property before you actually use it.


          PropertyValueDecoder has two variants of decode() method as: public String decode(String s) and public Object decode(Object o). There are two default OOB implementation provided also for PropertyValueDecoder which are atg.service.jdbc.SimpleLoginDecoder and atg.crypto.CipherPropertyValueDecoder. SimpleLoginDecoder uses the OOB class atg.core.util.Base64 for decoding the encrypted value in the properties file while CipherPropertyValueDecoder class can use a atg.crypto.Cipher object where you can have you own encrypt/decrypt implementations.