Admin Interface

In general, when using pre-packaged applications and the standard Aspire Admin interface (i.e. http://localhost:50505), all password encryption will be handled automatically. All passwords will be encrypted when stored in the relational database or in configuration files on disk.

Create the Main Password

All password encryption / decryption is based on a main password. Use the following steps to create it:

1. Go to ASPIRE_HOME
2. Run bin\aspire.bat - create_master. This script creates an encrypted main password file (in the config/passwords directory). This file will contain a random key used to decrypt passwords inside Aspire.

Notes:

• The Main file must be secured by the operating system. This means that administrators should grant read access only to the user running Aspire.
• The Main file path value is stored inside the settings file as a property called "masterPasswordFilePath"

Password Encryption for Custom Applications

If you are creating a custom application which requires password encryption, you may need to use the "encryptPassword" script.

• The encrypted password will be stored as a property in the settings.xml file.
• The property should then be specified to the appropriate component's configuration in the application.xml file.

To use password encryption, follow these instructions:

1. Run bin\aspire.bat -encrypt_password. This script will prompt for the password you need to encrypt, and a property name where the encrypted password will be stored. This property is written to the Aspire settings.xml file.
2. Reference the created property from the component's configuration using ${propertyName} syntax.
3. Make sure your component allows password encryption.

Important notes

• This has been tested on Windows only.
• By default, Aspire will use a secret pre-configured main password unless an administrator uses aspire.bat -create_master to create a new one.