DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Please enter at least three characters to search
Refcards Trend Reports
Events Video Library
Refcards
Trend Reports

Events

View Events Video Library

Zones

Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

Modernize your data layer. Learn how to design cloud-native database architectures to meet the evolving demands of AI and GenAI workkloads.

Secure your stack and shape the future! Help dev teams across the globe navigate their software supply chain security challenges.

Releasing software shouldn't be stressful or risky. Learn how to leverage progressive delivery techniques to ensure safer deployments.

Avoid machine learning mistakes and boost model performance! Discover key ML patterns, anti-patterns, data strategies, and more.

Related

  • Externalize Microservice Configuration With Spring Cloud Config
  • A Guide To Build, Test, and Deploy Your First DApp
  • How To Build Web Service Using Spring Boot 2.x
  • Visually Designing Views for Java Web Apps

Trending

  • AI's Dilemma: When to Retrain and When to Unlearn?
  • Why We Still Struggle With Manual Test Execution in 2025
  • Scalable System Design: Core Concepts for Building Reliable Software
  • Stateless vs Stateful Stream Processing With Kafka Streams and Apache Flink

Hiding Application Properties in CloudHub

Keep your application properties safe with CloudHub.

By 
Manish Kumar user avatar
Manish Kumar
·
Oct. 16, 19 · Tutorial
Likes (2)
Comment
Save
Tweet
Share
6.5K Views

Join the DZone community and get the full member experience.

Join For Free

snow-fox-hiding-face-with-tail


Introduction

In CloudHub, for application deployment, we normally have requirements to hide or encrypt properties. It completely depends on your preference. CloudHub resolves the properties at runtime without exposing sensitive information.

Encryption of Mule application properties is another feature and one of the easiest ways to secure sensitive information.

Concept

Application properties are variables that act as placeholders in our Mule application and are set at runtime. When we deploy an application or update an existing application in the Runtime Manager console, Mule's runtime engine supplies the values for the property variables in the Runtime Manager console’s Properties tab.

You may also like: CloudHub Connector With Mulesoft.

Use Case

When someone needs to update an encrypted value, the Runtime Manager console does not have access to the secret key, so it is impossible to replace an encrypted value with a new encrypted value without changing source files and regenerating new, encrypted value. This process can quickly become cumbersome from a maintenance perspective.

Solution

The above problem can be eliminated by using this approach. This is another feature to secure the sensitive information in Mule by listing the application properties as secured properties. Once application properties are marked as secured properties in the Mule's app properties, then values will be hidden in the Runtime Manager just like encrypted properties. Also, one can safely replace the value with the new value in clear text without encrypting them.

Let's consider a simple example: We can configure a JDBC connector where the username is set to ${dbUsername}, and the password is set to ${dbPassword}. In the Runtime Manager console, you can set these two properties as application properties, as shown below.

Runtime manager

Runtime manager

For sensitive information, we can flag these properties as hidden so that, after they are entered and saved in the Runtime Manager console, their values are neither visible in the console nor passed between the console and the CloudHub server.

Create Hidden Application Properties

Note: This tutorial will run on Mule 4.0 and later versions (at the time of writing).

Suppose you have the following properties in your application:

username: "Manish"
password: "testpass123"
birthdate: "01/01/2015"


Now, in Mule application’s mule-artifact.json file, list the property names that you wish to safely hide under the secureProperties  key as a comma-separated array. Here, we have to the hide password and birthdate. 

{
  "minMuleVersion": "4.2.1",
  "secureProperties": ["password", "birthdate"]
}


In Mule 3: We can place the properties in the mule-app.properties file under the secure.properties  key

name=Manish
password=mypassword
birthdate=01/01/2015
secure.properties=password,birthdate


Once you are done with configurational changes, you can deploy the Mule application to CloudHub. We can enter our application properties after deployment.

Once you commit your deployment or update and your application is deployed, navigate to the Deployment tab and check the application properties. The values for all properties that you marked as safely hidden are now no longer visible to you or any other user. 

In the example below, birthdate and password are safely hidden, but username is not.

Hiding password and birthdate

Hiding password and birthdate

However, it can be overwritten with a new value. To safely pass the secret key into the Mule application, develop the Mule application with a property placeholder to represent the secret key value.

Encrypted Application Properties vs Safely Hidden Application Properties

  1. Secure properties are encrypted using a secret key. It is recommended to never store the secret key inside your applications. Instead, we can safely pass in the secret key value at deployment time.

  2. Mule applications, which are deployed in CloudHub, may not need to encrypt the properties. Instead, just use those properties as secured properties.

  3. If we need to update the value, then one can directly enter the new value in the clear text.

  4. Migrating the application from one environment to another, safely hidden application properties will not get copied to the new environment.

Bonus

Any encrypted property that is also marked as hidden in the Mule application’s secureProperties entry, you can safely replace any encrypted property with a clear-text value. This means that when you override a secure property in the CloudHub Properties tab for the application, the value doesn’t need to be encrypted.

Use the list view in the application’s Properties tab to update properties. If you use the text view to update properties, colons in property names must be escaped (for example: secure\:\:yourproperty).

Happy learning :) 


Further Reading

  • Parallel Processing in Mule.
  • Masking Data in Practice — Part 1.
application Property (programming)

Opinions expressed by DZone contributors are their own.

Related

  • Externalize Microservice Configuration With Spring Cloud Config
  • A Guide To Build, Test, and Deploy Your First DApp
  • How To Build Web Service Using Spring Boot 2.x
  • Visually Designing Views for Java Web Apps

Partner Resources

×

Comments
Oops! Something Went Wrong

The likes didn't load as expected. Please refresh the page and try again.

ABOUT US

  • About DZone
  • Support and feedback
  • Community research
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Core Program
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • support@dzone.com

Let's be friends:

Likes
There are no likes...yet! 👀
Be the first to like this post!
It looks like you're not logged in.
Sign in to see who liked this post!