LATEST VERSION: 8.2.7 - CHANGELOG
Pivotal GemFire® v8.2

Encrypting Passwords for Use in cache.xml

Encrypting Passwords for Use in cache.xml

Pivotal GemFire provides a gfsh utility to generate encrypted passwords.

You may need to specify an encrypted password in cache.xml when configuring JNDI connections to external JDBC data sources. See Configuring Database Connections Using JNDI for configuration examples.

The cache.xml file accepts passwords in clear text or encrypted text.

To generate an encrypted password, use the encrypt password command in gfsh. The following example shows a sample command invocation and output (assuming my_password is the actual password for the data source). After you start gfsh, enter the following command:
gfsh>encrypt password --password=my_password
AB80B8E1EE8BB5701D0366E2BA3C3754
Copy the output from the gfsh command to the cache.xml file as the value of the password attribute of the jndi-binding tag embedded in encrypted(), just like a method parameter. Enter it as encrypted, in this format:
password="encrypted(83f0069202c571faf1ae6c42b4ad46030e4e31c17409e19a)"
To use a non-encrypted (clear text) password, put the actual password as the value of the password attribute of the jndi-binding tag, like this:
password="password"