Password tokenisation in Mule 4

  • Written By WHISHWORKS
  • 23/08/2018

In the blog titled ‘How to enable Secure Property Placeholder in MuleSoft‘, we have discussed how to encrypt properties and sensitive data that might float in and out of the applications and may be visible to the development and support teams.

Now we are here with a new post on how to enable Secure Property Placeholder in Mule 4, employing the latest security configuration module (Secure properties config) that will help protect sensitive data. This module is used to encrypt and decrypt information like passwords, SSN, Credit Card numbers and other confidential information.

For the purposes of this blog, we will be using password tokenisation as an example with Blowfish.js as the encryption algorithm and Anypoint Studio 7 as the development tool. At the end of the blog we also provide a brief outline on how to use different encryption algorithms.

Step 1: Encrypting & Decrypting a Password

  • Password encryption:

1.    Click http://sladex.org/blowfish.js/
2.    Follow the steps as shown in the screen shot below

Password encryption
  • Password decryption:
Password decryption

Step 2: Secure module configuration in Mule 4 Domain Project:

1.    Create a new domain project
2.    Create a file “configuration.yaml” in src/main/resource

 Mule 4 domain:
http:
  host: “localhost”
  port: “9091”
db:
  host: “localhost”
  port: “3306”
  user: “root”
  database: “webservices”
secret:
  key: “secure@123”
  password: “![Id+Ray4b7QtxhuNj6AALYg==]”  ← place the encrypted password generated in blowfish.js (step 1) in the Encrypted password section, within the punctuation shown here.

3.    Go to Global Elements → Create → Global Configurations → Configuration Properties → file , browse and select “configuration.yaml

4.    Add a module “Secure properties config” 
Manage Modules  Add Modules → search for “Secure properties config” and Add5.    Create → Connector Configuration → Secure properties config →

Secure properties config

Step 3: How to test Decrypting Password is working or not:

1.    Add a Database module 
Manage Modules  Add Modules →search for “Database” and Add

2.    Creating Connector Configuration    
Create  Connector Configuration  Database Config

Use the below expression in the Password text box.

${secure::mule4domain.secret.password}

Database Config


How to use other encryption algorithms in Mule 4 

Mule 4 supports various encryption algorithms like AESBlowfishRSADES and others as shown in the list below.

Setup encryption information

In order to use any of these algorithms in Mule 4, the steps are the same as they were in Mule 3, and you can find them here: Secure Property Placeholder in MuleSoft

The only difference is the repository location (step 2 of the blog). In Mule 4 the repository location is here:http://anypoint-enterprise-security-update-site.s3.amazonaws.com/1.7.3  

If you would like to find out more about how API-led connectivity can help you create a a fully integrated environment, do give us a call at +44 (0)203 475 7980 or email us at marketing@whishworks.com

Other useful links:

How to enable Secure Property Placeholder in MuleSoft

Anypoint Platform Identity Management – OKTA

Overview and best practices for MUnit 2 testing framework

Latest Insights

Salesforce FSC - Modelling Relationships -1
Blogs

Salesforce FSC – modelling relationships, part 1

The value and the complexity of a relationship are the main factors in using Modelling Relationships in Salesforce Financial Services Cloud.

Data Mesh
Blogs

Data Mesh – a paradigm shift

To address the increasingly unmanageable expanse of data, data mesh is fast becoming the go to approach for organisations.

Litify-Whishworks
Blogs

Litify partners with WHISHWORKS

Top legal SaaS firm Litify, selects WHISHWORKS as one of its expert Delivery Partners, to ensure accelerated time-to-value for its clients.