Encrypt header value.

Wilken Marci J Tue, 06 Sep 2022 16:02:02 -0700

HI all,
Issue: sensitive data getting passed from the exchange header to the logs in 
the clear.


Is there a way to encrypt header value in camel?  I've got several values;  id, 
 ssn,  dob, password that get passed around in the message header or that I 
would like to pass in the header.  I would prefer to pass these with some kind 
of encryption instead of a String.

Simple example: To call an sftp route I need to send the password and for 
debugging purposes I want to log the call before connecting.  Route A reads the 
vault for the appropriate user id and password and place the info in the header 
(the message is in the body) and call the sftp route.


                                        .log(LoggingLevel.INFO, 
"ftps://{{file.router.remote.host}}:{{file.router.remote.port}}//{{file.router.remote.home}}"
                                                        + 
"?password=${header.password}"
                                                        + 
"&username=${header.userName}"
//                                                                              
    + "&stepwise=true"  // unknown if it works or makes a difference
//                              doesn't like                            + 
"&strictHostKeyChecking=no" 
                                                                + 
"&include=${header.CamelFileName}" 
                                                                + 
"&fileName=${header.TransmissionCamelFileName}"
                                                                + "&noop=true" 
                                                                + 
"&keepLastModified=true"
//                          ojd does not like this                + 
"&execPbsz={{file.router.remote.ftpsPBSZ}}"
                                                                + 
"&securityProtocol={{file.router.remote.ftpsprotocol}}" 
                                                                + 
"&passiveMode=true" // ?
                                                                + 
"&binary=false" // ?
                                                                // doesn't like 
+ "&implicit={{file.router.remote.ftpsimplicit}}"
                                                                // leave the 
file to be archived
                                                                + 
"&reconnectDelay={{file.router.reconnectDelay}}"
                                                                + 
"&maximumReconnectAttempts={{file.router.maximumReconnectAttempts}}"
                                                                + 
"&backoffErrorThreshold=5" 
                                                                + 
"&backoffMultiplier=10"
                                                                + 
"&runLoggingLevel={{file.router.runLoggingLevel:WARN}}" 
                                                                + 
"&transferLoggingVerbose=true")



Regards-
Marci Wilken
She/Her/Hers
Operations Architect  
Office of Information Services
OHA/DHS/CAF-CW/OR-KIDS
Desk: 503.378.2405 Cell: 503.979.9680

CONFIDENTIALITY NOTICE
This email may contain information that is privileged, confidential, or 
otherwise exempt from disclosure under applicable law. If you are not the 
addressee or it appears from the context or otherwise that you have received 
this email in error, please advise me immediately by reply email, keep the 
contents confidential, and immediately delete the message and any attachments 
from your system.

Encrypt header value.

Reply via email to