Studio Context password encryption

n999 · ‎2019-07-22

Hello

A quick question - but I can't seem to find a post that answers this.

We are on 6.4.1:

If you add a context variable that is a type of password it can't be read in plain text as it is asterix'ed out. Also the context .item files show an encrypted value.

I as wondering what key is used by Talend to decrypt these values at runtime?

And is this key checked into version control (ie in the same project) along with any encrypted values?

I know there are alternatives to storing passwords in a project/job context but I was interested in how Talend does this out of the box?

Cheers

n

Anonymous · ‎2019-08-19

Hello,

Passwords in Talend Jobs and Context Variables are encrypted using a two way symmetrical approach. The code is in Talend Routines to encrypt and decrypt the password.

In context variables, we can leave password field blank, and design our jobs to load the password from a DB table or a properties file, which are not stored in Git. The logic in Talend job can be implemented explicitly or implicitly through the project projects for jobs.

Let us know if it helps.

Best regards

Sabrina

n999 · ‎2019-09-24

Hi Thanks for that.

"The code is in Talend Routines to encrypt and decrypt the password. "

So if passwords are added directly to context variables, does this mean that if another user imports my jobs and contexts, they can

1) run my jobs with correct passwords

2) decrypt these passwords if they were able to extract the decryption algorithm and key?

Thanks

Anonymous · ‎2019-09-25

Essentially, yes.

Talend Studio

v6.x