How to create a new instance of the default encryption plug-in

How to create a new instance of the default encryption plug-in

1

Make a copy of the default encryption plug-in:

1

Copy the folder:

$ACTUATE_HOME\BRDPro\eclipse\plugins
\com.actuate.birt.model.defaultsecurity_<Release>

2

Paste the copied folder in the same folder:

$ACTUATE_HOME\BRDPro\eclipse\plugins

3

Rename:

$ACTUATE_HOME\BRDPro\eclipse\plugins\Copy of com.actuate.birt.model.defaultsecurity_<Release>

to a new name, such as:

$ACTUATE_HOME\BRDPro\eclipse\plugins
\com.actuate.birt.model.defaultsecurity_<Release>_rsa

2

Modify the new plug-in’s manifest file:

1

Open:

$ACTUATE_HOME\BRDPro\eclipse\plugins
\com.actuate.birt.model.defaultsecurity_2.3.2_rsa\META-INF\MANIFEST.MF

2

Change:

Bundle-SymbolicName:com.actuate.birt.model.defaultsecurity

to:

Bundle-SymbolicName:com.actuate.birt.model.defaultsecurity.rsa

MANIFEST.MF now looks similar to the one in Listing 29-4.

Listing 29-4

Modified MANIFEST.MF for the new encryption plug-in

Manifest-Version: 1.0

Bundle-ManifestVersion: 2

Bundle-Name: Actuate Default Security Plug-in

Bundle-SymbolicName: com.actuate.birt.model.defaultsecurity.rsa;singleton:=true

Bundle-Version: <Release>.<Version>

Require-Bundle: org.eclipse.birt.report.model,

org.eclipse.core.runtime

Export-Package: com.actuate.birt.model.defaultsecurity.api

Bundle-ClassPath: acdefaultsecurity.jar

Bundle-Vendor: Actuate Corporation

Eclipse-LazyStart: true

Bundle-Activator: com.actuate.birt.model.defaultsecurity.properties.SecurityPlugin

3

Save and close MANIFEST.MF.

3

Modify the new plug-in’s descriptor file to be the default encryption plug-in:

1

Open:

$ACTUATE_HOME\BRDPro\eclipse\plugins
\com.actuate.birt.model.defaultsecurity_<Release>_rsa
\plugin.xml

2

Change:

extensionName="jce"

to:

extensionName="rsa"

plugin.xml now looks similar to the one in Listing 29-5.

3

Save and close plugin.xml.

Listing 29-5

Modified plugin.xml for the new encryption plug-in

<?xml version="1.0" encoding="UTF-8"?>

<?eclipse version="<Version>"?>

<plugin>

<extension

  id="encryption"

  name="default encryption helper"

  point="org.eclipse.birt.report.model.encryptionHelper">

  <encryptionHelper class="com.actuate.birt.model.defaultsecurity.api.DefaultEncryptionHelper"

  extensionName="rsa" isDefault="true" />

  </extension>

</plugin>

4

Modify the original plug-in’s descriptor file, so that it is no longer the default encryption plug-in:

1

Open:

$ACTUATE_HOME\BRDPro\eclipse\plugins
\com.actuate.birt.model.defaultsecurity_<Release>\plugin.xml

2

Change:

isDefault="true"

to:

isDefault="false"

3

Save and close plugin.xml.

5

Set the encryption type in the new plug-in to RSA:

1

Open:

$ACTUATE_HOME\BRDPro\eclipse\plugins
\com.actuate.birt.model.defaultsecurity_<Release>_rsa
\encryption.properties

2

Change the encryption type to public encryption:

type=public encryption

3

Change the algorithm type to RSA:

algorithm=RSA

4

Copy the pre-generated private and public keys for RSA to the symmetric-key and public-key properties. encryption.properties now looks similar to the one in Listing 29-6.

5

Save and close encryption.properties.

Listing 29-6

Modified encryption.properties file for the new encryption plug-in

#message symmetric encryption , public encryption

  type=public encryption

#private encryption: DES(default), DESede

#public encryption: RSA

  algorithm=RSA

# NONE , CBC , CFB , ECB( default ) , OFB , PCBC

  mode=ECB

#NoPadding , OAEP , PKCS5Padding( default ) , SSL3Padding

padding=PKCS5Padding

#For key , support default key value for algorithm

#For DESede ,DES we only need to support private key

#private key value of DESede algorithm : 20b0020e918..

#private key value of DES algorithm: 527c23ea...

# RSA algorithm uses a key pair. You should support

#private-public key pair

#private key value of RSA algorithm: 308202760201003....

#public key value of RSA algorithm: 30819f300d0....

#private key

symmetric-key=308202760....

#public key

public-key=30819f300d0.....

6

To test the new default RSA encryption, open Actuate BIRT Designer and create a new report design. Create a data source and type the password.

7

View the XML source of the report design file. Locate the data source definition code. The encryptionID is rsa, as shown in the following sample:

<data-sources>

  <oda-data-source name="Data Source" id="6" extensionID="org.eclipse.birt.report.data.oda.jdbc" >

    <text-property name="displayName"></text-property>

    <property name="odaDriverClass">

      com.mysql.jdbc.Driver

    </property>

    <property name="odaURL">

      jdbc:mysql://192.168.218.225:3306/classicmodels

    </property>

    <property name="odaUser">root</property>

    <encrypted-property name="odaPassword" encryptionID="rsa">

      36582dc88.....

    </encrypted-property>

  </oda-data-source>

</data-sources>

8

Create a data set and a simple report design. Preview the report to validate that BIRT connects successfully to the database server using the encrypted password. Before trying to connect to the data source the report engine decrypts the password stored in the report design using the default RSA encryption plug-in. Then the engine submits the decrypted value to the database server.

Additional Links:

Forums |

Blogs |

Support |

Give Us Feedback |

More...