Working with BIRT encryption in iHub : Deploying multiple encryption plug‑ins : How to create a new instance of the default encryption plug‑in
 
How to create a new instance of the default encryption plug‑in
1 Make a copy of the default encryption plug‑in:
1 Copy the folder:
$ACTUATE_HOME\BRDPro\eclipse\plugins
\com.actuate.birt.model.defaultsecurity_<Release>
2 Paste the copied folder in the same folder:
$ACTUATE_HOME\BRDPro\eclipse\plugins
3 Rename:
$ACTUATE_HOME\BRDPro\eclipse\plugins\Copy of com.actuate.birt.model.defaultsecurity_<Release>
to a new name, such as:
$ACTUATE_HOME\BRDPro\eclipse\plugins
\com.actuate.birt.model.defaultsecurity_<Release>_rsa
2 Modify the new plug‑in’s manifest file:
1 Open:
$ACTUATE_HOME\BRDPro\eclipse\plugins
\com.actuate.birt.model.defaultsecurity_2.3.2_rsa\META-INF\MANIFEST.MF
2 Change:
Bundle-SymbolicName:com.actuate.birt.model.defaultsecurity
to:
Bundle-SymbolicName:com.actuate.birt.model.defaultsecurity.rsa
MANIFEST.MF now looks similar to the one in Listing 26‑4.
Listing 26‑4 Modified MANIFEST.MF for the new encryption plug‑in
Manifest-Version: 1.0
Bundle-ManifestVersion: 2
Bundle-Name: Actuate Default Security Plug-in
Bundle-SymbolicName: com.actuate.birt.model.defaultsecurity.rsa;singleton:=true
Bundle-Version: <Release>.<Version>
Require-Bundle: org.eclipse.birt.report.model,
org.eclipse.core.runtime
Export-Package: com.actuate.birt.model.defaultsecurity.api
Bundle-ClassPath: acdefaultsecurity.jar
Bundle-Vendor: OpenText Corporation
Eclipse-LazyStart: true
Bundle-Activator: com.actuate.birt.model.defaultsecurity.properties.SecurityPlugin
3 Save and close MANIFEST.MF.
3 Modify the new plug‑in’s descriptor file to be the default encryption plug‑in:
1 Open:
$ACTUATE_HOME\BRDPro\eclipse\plugins
\com.actuate.birt.model.defaultsecurity_<Release>_rsa
\plugin.xml
2 Change:
extensionName="jce"
to:
extensionName="rsa"
plugin.xml now looks similar to the one in Listing 26‑5.
3 Save and close plugin.xml.
Listing 26‑5 Modified plugin.xml for the new encryption plug‑in
<?xml version="1.0" encoding="UTF-8"?>
<?eclipse version="<Version>"?>
<plugin>
<extension
id="encryption"
name="default encryption helper"
point="org.eclipse.birt.report.model.encryptionHelper">
<encryptionHelper class="com.actuate.birt.model.defaultsecurity.api.DefaultEncryptionHelper"
extensionName="rsa" isDefault="true" />
</extension>
</plugin>
4 Modify the original plug‑in’s descriptor file, so that it is no longer the default encryption plug‑in:
1 Open:
$ACTUATE_HOME\BRDPro\eclipse\plugins
\com.actuate.birt.model.defaultsecurity_<Release>\plugin.xml
2 Change:
isDefault="true"
to:
isDefault="false"
3 Save and close plugin.xml.
5 Set the encryption type in the new plug‑in to RSA:
1 Open:
$ACTUATE_HOME\BRDPro\eclipse\plugins
\com.actuate.birt.model.defaultsecurity_<Release>_rsa
\encryption.properties
2 Change the encryption type to public encryption:
type=public encryption
3 Change the algorithm type to RSA:
algorithm=RSA
4 Copy the pre-generated private and public keys for RSA to the symmetric‑key and public‑key properties. encryption.properties now looks similar to the one in Listing 26‑6.
5 Save and close encryption.properties.
Listing 26‑6 Modified encryption.properties file for the new encryption plug‑in
#message symmetric encryption , public encryption
type=public encryption
#private encryption: DES(default), DESede
#public encryption: RSA
algorithm=RSA
# NONE , CBC , CFB , ECB( default ) , OFB , PCBC
mode=ECB
#NoPadding , OAEP , PKCS5Padding( default ) , SSL3Padding
padding=PKCS5Padding
#For key , support default key value for algorithm
#For DESede ,DES we only need to support private key
#private key value of DESede algorithm : 20b0020e918..
#private key value of DES algorithm: 527c23ea...
# RSA algorithm uses a key pair. You should support
#private-public key pair
#private key value of RSA algorithm: 308202760201003....
#public key value of RSA algorithm: 30819f300d0....
#private key
symmetric-key=308202760....
#public key
public-key=30819f300d0.....
6 To test the new default RSA encryption, open Actuate BIRT Designer and create a new report design. Create a data source and type the password.
7 View the XML source of the report design file. Locate the data source definition code. The encryptionID is rsa, as shown in the following sample:
<data-sources>
<oda-data-source name="Data Source" id="6" extensionID="org.eclipse.birt.report.data.oda.jdbc" >
<text-property name="displayName"></text-property>
<property name="odaDriverClass">
com.mysql.jdbc.Driver
</property>
<property name="odaURL">
jdbc:mysql://192.168.218.225:3306/classicmodels
</property>
<property name="odaUser">root</property>
<encrypted-property name="odaPassword" encryptionID="rsa">
36582dc88.....
</encrypted-property>
</oda-data-source>
</data-sources>
8 Create a data set and a simple report design. Preview the report to validate that BIRT connects successfully to the database server using the encrypted password. Before trying to connect to the data source the report engine decrypts the password stored in the report design using the default RSA encryption plug‑in. Then the engine submits the decrypted value to the database server.