JDOMExternalizable and encrypting.

I'd like to create a SecureJDOMExternalizable class, that would let me
annotate fields that must be encrypted before being stored.

@Encrypt public String userPassword;
@Encrypt public String userId;

Problem: there is no public implementation of JDOMExternalizable.
Any idea?

Alain

7 comments
Comment actions Permalink

Answering my own question:
see DefaultJDOMExternalizer

0
Comment actions Permalink

I can't belive in that you, only now look into JDOMExternalizable :)

0
Comment actions Permalink

Alexey

>I can't belive in that you, only now look into JDOMExternalizable :)

>


Not sure what you meant Alexey, but I've made it, and it was really simple.

Now, when I want a field 'foo' to be automatically encrypted before
being stored in the project file, I just rename it to 'foo_X'. That's
all I have to change (and that convention is easily configurable: see
below).


I just use:

public void writeExternal (Element element) throws
WriteExternalException {
__externalizer.writeExternal (__encrypter, this, element);
}

and
private SecureJDOMExternalizer __externalizer = new
SecureJDOMExternalizer()
{
public boolean fieldMustbeEncrypted (Field i_field) {
return i_field.getName ().endsWith ("_X");
}
};



There's a tricky bit though: when the plugin is loaded, IDEA tries to
load the configuration from the project file, and call readExternal.
Problem: no encrypter is defined yet, as the user must enter his pass
phrase first.


My (ugly) solution is to store the jdom Element:

public void readExternal (Element element) throws
InvalidDataException {

if(storedJdomElement == null)
storedJdomElement = element ; // set when the plugin is
installed, and reused below

if(__encrypter == null)
return;
__externalizer.readExternal (__encrypter, this, element);
}


so I can reuse it later, when the user has entered the passphrase:

public void forceReadExternal () {
try {
readExternal (storedJdomElement);
} catch (InvalidDataException e) { e.printStackTrace (); }
}



I wonder if there is a cleaner way to obtain the jdom Element of the
current plugin?!


Alain

0
Comment actions Permalink

Hello Alain,

As i understand you right, you need to save user password into XML file in
encripted form and read it from file with decription. Is it right?


--
Alexey Efimov, Java Developer
Tops BI


0
Comment actions Permalink

Alexey

As i understand you right, you need to save user password into XML
file in encripted form and read it from file with decription. Is it
right?

>

Yes.
As the info is stored in the project file, I don't want it to be readable.

Alain

0
Comment actions Permalink

Then you need custom write/read behaviour in read/writeExternal for this fields. And do not use DefaultJDOMExternalizable for these fields.

0

Please sign in to leave a comment.