JDOMExternalizable and encrypting.
I'd like to create a SecureJDOMExternalizable class, that would let me
annotate fields that must be encrypted before being stored.
@Encrypt public String userPassword;
@Encrypt public String userId;
Problem: there is no public implementation of JDOMExternalizable.
Any idea?
Alain
Please sign in to leave a comment.
Please see http://www.jetbrains.org/intellij/sdk/docs/basics/persisting_sensitive_data.html
Answering my own question:
see DefaultJDOMExternalizer
I can't belive in that you, only now look into JDOMExternalizable :)
Alexey
>I can't belive in that you, only now look into JDOMExternalizable :)
>
Not sure what you meant Alexey, but I've made it, and it was really simple.
Now, when I want a field 'foo' to be automatically encrypted before
being stored in the project file, I just rename it to 'foo_X'. That's
all I have to change (and that convention is easily configurable: see
below).
I just use:
public void writeExternal (Element element) throws
WriteExternalException {
__externalizer.writeExternal (__encrypter, this, element);
}
and
private SecureJDOMExternalizer __externalizer = new
SecureJDOMExternalizer()
{
public boolean fieldMustbeEncrypted (Field i_field) {
return i_field.getName ().endsWith ("_X");
}
};
There's a tricky bit though: when the plugin is loaded, IDEA tries to
load the configuration from the project file, and call readExternal.
Problem: no encrypter is defined yet, as the user must enter his pass
phrase first.
My (ugly) solution is to store the jdom Element:
public void readExternal (Element element) throws
InvalidDataException {
if(storedJdomElement == null)
storedJdomElement = element ; // set when the plugin is
installed, and reused below
if(__encrypter == null)
return;
__externalizer.readExternal (__encrypter, this, element);
}
so I can reuse it later, when the user has entered the passphrase:
public void forceReadExternal () {
try {
readExternal (storedJdomElement);
} catch (InvalidDataException e) { e.printStackTrace (); }
}
I wonder if there is a cleaner way to obtain the jdom Element of the
current plugin?!
Alain
Hello Alain,
As i understand you right, you need to save user password into XML file in
encripted form and read it from file with decription. Is it right?
--
Alexey Efimov, Java Developer
Tops BI
Alexey
>
Yes.
As the info is stored in the project file, I don't want it to be readable.
Alain
Then you need custom write/read behaviour in read/writeExternal for this fields. And do not use DefaultJDOMExternalizable for these fields.