NIFI中针对DBCPConnectionPool处理器的自定义加密或解密算法 [英] custom encryption or decryption algorithm for DBCPConnectionPool processor in NIFI
问题描述
我们正在尝试为NIFI中的DBCPConnectionPool控制器(内置处理器)中的密码提供自定义加密和解密算法,而不是内置算法.我们有什么办法吗?
We are trying to provide custom encryption and decryption algorithm for the password in DBCPConnectionPool controller (build-in processor) in NIFI, instead of build-in algorithms. do we have any approach for that ?
推荐答案
如果处理器,控制器服务或报告任务的PropertyDescriptor标记为敏感[1],则NiFi在将该值写入流时会自动对其进行加密. .xml.gz,并在读取flow.xml.gz时自动将其解密.
If a processor, controller service, or reporting task has a PropertyDescriptor that is marked as sensitive [1] then NiFi automatically encrypts this value when writing it to the flow.xml.gz, and automatically decrypts it when reading the flow.xml.gz.
用于加密/解密的密钥和算法是通过nifi.properties中的属性控制的:
The key and algorithm for encryption/decryption are controlled via the properties in nifi.properties:
nifi.sensitive.props.key=
nifi.sensitive.props.key.protected=
nifi.sensitive.props.algorithm=PBEWITHMD5AND256BITAES-CBC-OPENSSL
nifi.sensitive.props.provider=BC
如果使用context.getProperty(DB_PASSWORD).getValue(),它将已经返回解密后的值.所以我不确定为什么您需要自己解密.
If you used context.getProperty(DB_PASSWORD).getValue() it would already return the decrypted value. So I'm not sure why you would need to decrypt it yourself.
[1] 查看全文