Transact

⌘K
  1. Home
  2. Transact
  3. System Configuration
  4. Security Configuration
  5. Password Masking

Password Masking

Overview

This feature is responsible for masking the password fields across all the Ephesoft Transact application UI. It covers UI fields like passwords used in plugin configuration, E-mail configuration, CMIS repository configuration, and so on. The values of the identified password fields will be encrypted upon persistence in the database and these values will be masked from the UI.

Areas Covered

Plugins

The password field in these plugins have been marked as PASSWORD field types and are encrypted and masked:

  1. CMIS_EXPORT
  2. DB_EXPORT
  3. FUZZYDB

Email Import

The password field for all email accounts that Transact uses for batch ingestion is encrypted and masked.

CMIS Import

CMIS repositories that are configured for importing documents are encrypted and masked.

Configuring the dcma-encryption.properties File

The dcma-encryption.properties file contains all of the properties that Transact uses for encryption. The dcma-encryption.properties file is located in the META-INF\dcma-encryption folder. During Transact server start-up, all existing password fields are encrypted and the dcma-encryption.properties file is updated. The following steps are used for encrypting password fields on server start-up.

  1. To enable encryption, set the password.encrypt property to true. Transact will then run an encryption algorithm to encrypt passwords in the plugins mentioned above, email import, and CMIS import.

After Transact applies encryption, the encrypted values are appended with the password.encrypt_suffix property value and are persisted in the database. It is not necessary to configure the dcma-encryption.properties file on each server start-up. Hence, after the encryption the value of password.encrypt will be updated to false.

The following steps are used for encrypting password fields post server start-up.

  1. After the encryption of values, if the user alters value of any such field, its value will be encrypted before persisting it in the database.