DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports
Events Video Library
Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
View Events Video Library
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

Migrate, Modernize and Build Java Web Apps on Azure: This live workshop will cover methods to enhance Java application development workflow.

Modern Digital Website Security: Prepare to face any form of malicious web activity and enable your sites to optimally serve your customers.

Kubernetes in the Enterprise: The latest expert insights on scaling, serverless, Kubernetes-powered AI, cluster security, FinOps, and more.

A Guide to Continuous Integration and Deployment: Learn the fundamentals and understand the use of CI/CD in your apps.

Related

  • Ensuring Reliable Microservice Deployment With Spring Boot Build Info Maven Plugin
  • New ORM Framework for Kotlin
  • Angular Component Tree With Tables in the Leaves and a Flexible JPA Criteria Backend
  • Practical Example of Using CSS Layer

Trending

  • The ABCs of Unity's Coroutines: From Basics to Implementation
  • Kubernetes vs. Amazon ECS: Container Orchestration Comparison
  • Does AI-Generated Code Need To Be Tested Even More?
  • Real-Time Remediation Solutions in Device Management Using Azure IoT Hub

Credential Vault in Mule 3 vs Mule 4

Read this tutorial in order to learn how to create a credential vault in Mule 3 and also in Mule 4. It includes pictures for reference.

Krishna N user avatar by
Krishna N
·
May. 22, 18 · Tutorial
Like (3)
Save
Tweet
Share
17.5K Views

Join the DZone community and get the full member experience.

Join For Free

Image titleImplementing a credential vault using secure property placeholders, encryption-key, and a credential vault is different in Mule 4 when compared to Mule 3.

Let's see how we will implement this in Mule 3:

Prerequisite: Mule Enterprise Security Module should be installed/plugged-in to the Anypoint Studio 6.x.

To implement this, you will need 3 things:

  1. Creating a credential vault:

Credential Vault is a property file which contains encrypted properties in Key=Value fashion. This can be done as follows:

  • Create a property file under the resources folder.

Image title

  • Open the newly created property file with Mule Properties Editor by right-clicking on the file and select Open With -> Mule Properties Editor.
  • Click on the + icon on the toolbar to create or add the property to the file.

Image title

  • Add properties in Key and Value fashion and click on the Encrypt button to encrypt this specific property value. You can also click the OK button to create a plain property value.
  • Encryption SetUp: Select the appropriate algorithm in the pop-up window. Here, I am choosing the Blowfish as the algorithm and passing the Key (a secret-key used to encrypt these property values) and then clicking on the OK button. (Note: This same key should be made to pass at the run-time so that Mule will use this and decrypt property values during run-time)

Image title

  • Now the value of this particular property will be encrypted and stored in this file.

Image title

  • The above steps should be repeated for creating all sensitive properties that need to be maintained securely.

2. Creating a secure property placeholder:

  • Create a global secure placeholder from theGlobal Elements tab of the canvas.

Image title

  • Give the encryption algorithm a name, mode, and Key used to encrypt/decrypt property values and the location of the credential vault (filename of the secure property file). Then, click on the OK button.

Image title

3. Creating the secret key to demand by the Mule:

  • Deploy the application as Run Configuration and then pass the secret.key and env values as the VM argument by prefixing -D to the Key=Value pair. Multiple Key=Value pairs are to be separated by whitespace.

Image title

  • Click on the Run button to deploy the application.

Now let's see how we will implement this in Mule 4:

Prerequisite: Add secure property configuration extension to the studio by adding the dependency to the project's pom file.

<dependency>

<groupId>com.mulesoft.modules</groupId>

<artifactId>mule-secure-configuration-property-module</artifactId>

<classifier>mule-plugin</classifier>

<version>1.0.0</version>

</dependency>


Here in Mule 4, we also have to do 3 things but in a different way:

  1. Creating a credential vault:
  • Create a property file under the resources folder.

Image title

  • Add properties to this file in a Key=Value fashion.
  • In Mule 4, property values need to be encrypted by using the secure-properties-tool.jar from the command prompt. This jar can be downloaded from the link https://docs.mulesoft.com/mule4-user-guide/v/4.1/_attachments/secure-properties-tool.jar
  • To encrypt or decrypt properties using this tool, open the command prompt and navigate to the path of this tool.
  • You can encrypt each and every single property value or you can encrypt all property values of a file in a single step. It is done using the commands that follow:
    • Encrypt each property value using the command: java -jar secure-properties-tool.jar string <encrypt|decrypt> <algorithm> <mode> <key> <value>
    • Encrypt entire property file at once using the command: java -jar secure-properties-tool.jar file <encrypt|decrypt> <algorithm> <mode> <key> <input file> <output file>
  • If you want encrypt each sing property as a string:

Image title

  • Copy the encrypted text and paste it into the project's property file. Note: Make sure that the encrypted text in property file is enclosed or represented as ![encryptedPropertyValue]

Image title

  • Repeat this to encrypt each property value
  • If you want to encrypt the total property file, then add all properties to the file.

Image title

  • Then, run the command to generate encrypted property file:

Image title

  • Generated file content will look like this:

Image title

  • Use the newly generated file in the project as a credential vault.

Note: We can also use the UI based property encryption process by installing the Mule Enterprise Security Module,  which we used with AnypointStudio 6.x with Mule 3.x

2. Creating a secure properties configuration

  • Create a global secure properties configuration from the Global Elements tab of the canvas

Image title

  • Give the file name, Key used to encrypt/decrypt property value, encryption algorithm name, and mode. Then click on OK button.

Image title

  • A reference to an encrypted property from the project can be made by the ant notation and by prefixing the propertyKey with the "secure::", and it will look like ${secure::database.password}.
  • Note: To refer or to use any property (i.e., both encrypted and plain properties) from a secure-property-placeholder, we need to use "secure::" preceding to the propertyKey.

Image title

3. Creating the secret key to demand by the Mule:

  • Deploy the application as Run Configuration and then pass the secret.key and env values as the VM argument by prefixing -D to the Key=Value pair. Multiple Key=Value pairs are to be separated by whitespace.

Image title

Thanks.

Property (programming)

Opinions expressed by DZone contributors are their own.

Related

  • Ensuring Reliable Microservice Deployment With Spring Boot Build Info Maven Plugin
  • New ORM Framework for Kotlin
  • Angular Component Tree With Tables in the Leaves and a Flexible JPA Criteria Backend
  • Practical Example of Using CSS Layer

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Core Program
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • support@dzone.com

Let's be friends: