Securing Configuration Properties in MuleSoft

DZone 's Guide to

Securing Configuration Properties in MuleSoft

See how to secure configuration properties in MuleSoft.

· Integration Zone ·
Free Resource

Anypoint Enterprise Security is a collection of security features that enforce secure access to information in Mule applications.

Anypoint Enterprise Security suite helps application developers develop security solutions as per security requirements, prevent security breaches, and facilitate authorized access to data.

Installing Anypoint Security Suite

  1. Open Anypoint Studio. Under the help menu, select Install New Software.

  2. In the Install Wizard, click the Add button next to Work with field.

  3. In the Add Repository window, set the name field to Anypoint Enterprise Security, and in the location field, provide the following link: http://security-update-site-1.4.s3.amazonaws.com. Click OK.

  4. In the available software window, select Premium and click Next.

  5. Image title

  6. Anypoint Enterprise Security will now be installed and Anypoint Studio will now ask you to restart the studio. This completes the installation of your security suite.

How to Encrypt Properties

  1. Create a Mule project in Anypoint Studio.

  2. In the src/main/resources folder of the project, right-click and select New -> File.

  3. Image title

  4. In the New file wizard, provide a file name, which should include .properties extension. Ex: prod.properties. Click finish.

  5. Image title

  6. In the project explorer, right-click the .properties file and select Open with -> Mule Properties Editor.

  7. Image title

  8. Click on the green + icon in the studio. In the Add New Property window, add a key and a value. Click on Encrypt button if you want to encrypt the value, and do not if you don't want to. 

  9. If you click on Encrypt, in the Setup encryption information dialog box that appears, select an algorithm and provide a key that will be used to encrypt the value. Click OK.

  10. Image title

  11. After you click OK, the encrypted value looks as shown below. Click OK.

  12. Image title

  13. Repeat the above steps to add more values to the Credentials Vault.

Create a Global Secure Property Placeholder

  1. Click on the Global Elements tab. Select Secure Property Placeholder. Click OK.

  2. Image title

  3. In the Secure Property Placeholder wizard, set the Encryption Algorithm, Encryption Mode, and key. The Encryption Algorithm will be the same as you used at the time of the encryption process above. The key will be the value that you used to encrypt your value above (STEP 6).

Image titleHere, ${property} instructs Mule to demand the key at runtime.

Local Setup

  1. Click on the Message flow tab and create the following flow.

  2. Image title

    <?xml version="1.0" encoding="UTF-8"?>
    <mule xmlns:sfdc="http://www.mulesoft.org/schema/mule/sfdc" xmlns:secure-property-placeholder="http://www.mulesoft.org/schema/mule/secure-property-placeholder" xmlns:http="http://www.mulesoft.org/schema/mule/http" xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd
    http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd
    http://www.mulesoft.org/schema/mule/secure-property-placeholder http://www.mulesoft.org/schema/mule/secure-property-placeholder/current/mule-secure-property-placeholder.xsd
    http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
    http://www.mulesoft.org/schema/mule/sfdc http://www.mulesoft.org/schema/mule/sfdc/current/mule-sfdc.xsd">
        <http:listener-config name="HTTP_Listener_Configuration" host="" port="8081" doc:name="HTTP Listener Configuration"/>
        <secure-property-placeholder:config name="Secure_Property_Placeholder" encryptionAlgorithm="Blowfish" key="${property}" location="prod.properties" doc:name="Secure Property Placeholder"/>
        <flow name="securityFlow">
            <http:listener config-ref="HTTP_Listener_Configuration" path="/security" allowedMethods="GET" doc:name="HTTP"/>
            <set-variable variableName="username" value="${user}" doc:name="Variable"/>
            <logger  level="INFO" doc:name="Logger" message="#[flowVars.username]"/>
  3. Open the mule-app.properties file in the project explorer.

  4. Add the following property to it:

  5. Image title

    Outlook above is my key. You need to add your encrypted key here.

  6. After you run this application, call the following flow and look at the console. You will see that the encrypted value is getting printed after decryption.

Image title

Thank you!

integration ,mule 3 ,mule 4 ,mule ,Anypoint Enterprise Security ,integration tutorial ,tutorial

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}