Hi, You can add @Encrypt tag to the field and it would be stored in encrypted form in the DB, and decrypted automatically when reading. It uses the key file provided in db.properties for encryption. You can check many of the VOs, for example UserVO, as a reference.
HTH Amogh On 9/2/14 12:38 PM, "Mike Tutkowski" <mike.tutkow...@solidfire.com> wrote: >OK - thanks! > > >On Tue, Sep 2, 2014 at 1:33 PM, Wido den Hollander <w...@widodh.nl> wrote: > >> >> >> On 02-09-14 21:29, Mike Tutkowski wrote: >> >>> Thanks, Wido >>> >>> Do you happen to know a relevant class off the top of your head? >>> >>> >> No sorry, but if you search for where it fetches the VNC password for >>KVM >> VMs you should find it. >> >> It's probably the DB layer which does the encryption and decryption. >> >> Wido >> >> >> >>> On Tue, Sep 2, 2014 at 1:25 PM, Wido den Hollander <w...@widodh.nl> >>> wrote: >>> >>> >>>> >>>> On 02-09-14 21:22, Mike Tutkowski wrote: >>>> >>>> Hi, >>>>> >>>>> I was wondering what our current "best practices" are around storing >>>>> passwords in the DB? >>>>> >>>>> For example, if you want to store the username and password of a >>>>> resource >>>>> that CloudStack manages, how do we recommend storing the password? >>>>> >>>>> >>>>> Using the build-in encryption mechanism? CloudStack also saves the >>>>>VNC >>>> passwords for KVM that way for example. >>>> >>>> Wido >>>> >>>> Thanks! >>>> >>>>> >>>>> >>>>> >>> >>> > > >-- >*Mike Tutkowski* >*Senior CloudStack Developer, SolidFire Inc.* >e: mike.tutkow...@solidfire.com >o: 303.746.7302 >Advancing the way the world uses the cloud ><http://solidfire.com/solution/overview/?video=play>**
