Encrypting Sensitive Values

In a downloaded project, the bin/twigcrypt/twigcrypt.sh utility is available to encrypt sensitive string values, such a passwords, at the command line. It uses a two-way encryption mechanism so anywhere in the code this is used the value can be decrypted.

To encrypt a value, run the following (note the single quotes around yourSensitiveValue):

./twigcrypt.sh yourSecretSeed 'yourSensitiveValue'

This outputs an encrypted string. You must copy the whole string and paste into your configuration file.

For example, in your src/main/resources/conf/platforms/fusion/fusion.conf file, add:

username:jbloggs
password:Enc(ABC123==)

Then you must also configure the seed in the application’s security configuration, in src/main/resources/conf/security/security.conf:

password: yourSecretSeed

Wherever this configuration parameter is used, it will be decrypted back to plain text at the time it’s used.

Note
Lucidworks recommends using a randomly-generated alphanumeric seed (special characters can cause problems).