You are viewing the RapidMiner Server documentation for version 8.1 - Check here for latest version
Encrypting the LDAP properties
The content of your local-security.properties
can be encrypted in order to better protect your LDAP configuration.
The following steps have to be followed in the order they are presented. If you place an encrypted property in the properties file without configuring the appropriate setting, Server will fail to start.
Configure the Server Settings
First you need to create a new Server property that will contain your encryption key. Your new property should be called com.rapidanalytics.encryption.key
and the value should be whatever encryption key you choose.
Your settings page should look similar to the one above. Replace "secret" with your encryption key. You can find more info about Modifying System Settings here.
Encrypt the LDAP properties
In order to encrypt the LDAP properties you need to download and extract the jasypt utility.
After downloading and extracting, navigate to the \bin
folder. We will be using the encrypt
utility. From the command line, use the encrypt utility as shown below.
Replace PROPERTY
with the value of the property you want to encrypt, and ENCRYPTION_KEY
with the key you defined in the Server Settings.
.\encrypt input=PROPERTY password=ENCRYPTION_KEY algorithm=PBEWithMD5AndTripleDES
----ENVIRONMENT-----------------
Runtime: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 25.102-b14
----ARGUMENTS-------------------
algorithm: PBEWithMD5AndTripleDES
input: PROPERTY
password: secret
----OUTPUT----------------------
aXl9Hfj3gIt7jpHN2MUINmHj33/cGAHL
Replace PROPERTY
with the value of the property you want to encrypt, and ENCRYPTION_KEY
with the key you defined in the Server Settings.
Note: Do not complete the next step if you haven’t configured the Server Setting with your encryption key in the previous step. Doing so will prevent Server from starting, and won’t allow you to continue with the configuration.
Open your local-security.properties
file and replace the property field you encrypted with the Output string, surrounded by ENC(xxxxxx). For example:
ldap.password=changeit
Becomes:
ldap.password=ENC(aXl9Hfj3gIt7jpHN2MUINmHj33/cGAHL)
After this, you can restart Server, and if properly configured, your LDAP connection should work as expected. If you still haven't configured your LDAP connection, you can learn how to do it here.