The connector SDK contains SensitiveDataCodec
functionality allowing you to
encode and decode information your configuration file. To obfuscate
sensitive information in your configuration file:
Run your connector with the
-DsecurityLevel=OBFUSCATED
andcom.google.enterprise.cloudsearch.sdk.config.SensitiveDataCodec
parameters. This command requests the sensitive configuration parameter in your configuration file, such as asharepoint.password
parameter containing a password to a data source.java -DsecurityLevel=OBFUSCATED -cp google-cloudsearch-csv-connector-v1-0.0.5.jar com.google.enterprise.cloudsearch.sdk.config.SensitiveDataCodec
This command outputs an obfuscated value similar to
obf:Pm1saUwfSUJb5sPblTjPUw==
.In your configuration file, add the obfuscated value in place of the sensitive string. For example:
sharepoint.password=obf:Pm1saUwfSUJb5sPblTjPUw==
You can also use a key pair with your own keys from Java Keystore. For example:
java -DsecurityLevel=ENCRYPTED -Djavax.net.ssl.keyStore=encryptKeyStore.jks -Djavax.net.ssl.keyStorePassword=testtest -Djavax.net.ssl.keyStoreType=JKS -Dalias=testkeypair -cp google-cloudsearch-csv-connector-v1-0.0.5.jar com.google.enterprise.cloudsearch.sdk.config.SensitiveDataCodec
If you are using your own keys, you must pass similar parameters while running your connector.