Obfuscate sensitive configuration file information

Stay organized with collections Save and categorize content based on your preferences.

The connector SDK contains SensitiveDataCodec functionality allowing you to encode and decode information your configuration file. To obfuscate sensitive information in your configuration file:

  1. Run your connector with the -DsecurityLevel=OBFUSCATED and com.google.enterprise.cloudsearch.sdk.config.SensitiveDataCodec parameters. This command requests the sensitive configuration parameter in your configuration file, such as a sharepoint.password parameter containing a password to a data source.

    java -DsecurityLevel=OBFUSCATED -cp google-cloudsearch-csv-connector-v1-0.0.5.jar com.google.enterprise.cloudsearch.sdk.config.SensitiveDataCodec

    This command outputs an obfuscated value similar to obf:Pm1saUwfSUJb5sPblTjPUw==.

  2. In your configuration file, add the obfuscated value in place of the sensitive string. For example:

    sharepoint.password=obf:Pm1saUwfSUJb5sPblTjPUw==

You can also use a key pair with your own keys from Java Keystore. For example:

java -DsecurityLevel=ENCRYPTED -Djavax.net.ssl.keyStore=encryptKeyStore.jks -Djavax.net.ssl.keyStorePassword=testtest -Djavax.net.ssl.keyStoreType=JKS -Dalias=testkeypair -cp google-cloudsearch-csv-connector-v1-0.0.5.jar com.google.enterprise.cloudsearch.sdk.config.SensitiveDataCodec

If you are using your own keys, you must pass similar parameters while running your connector.