Decryption of JDBC Password for Tomcat not working for apache-tomcat-9.0.74 using SecureTomcatJDBC.jar. What should be the work around?
I followed the steps provided in https://www.aivhub.com/wiki/aiv_secureJDBCpassword.html. I generated the encrypted password using the command "java -jar SecureTomcatJDBC.jar password". Then I placed the SecureTomcatJDBC.jar in the lib of Tomcat.
<Resource name="jdbc/PegaRULES"
auth="Container"
type="javax.sql.DataSource"
factory="SecureTomcatDataSourceImpl"
driverClassName="org.postgresql.Driver"
url="jdbc:postgresql://db1.rds.amazonaws.com:5432/dbdev"
username="pegaadmin"
password="b67720a6c39db763b7f"
maxActive="100"
maxIdle="30"
maxWait="60000"
connectionProperties=""
validationQuery="SELECT 1"
validationInterval="30000"
testWhileIdle="true"
timeBetweenEvictionRunsMills="10000"
/>
The decryption of password is working for apache-tomcat-9.0.73, but the same is not working apache-tomcat-9.0.74.
The issue is not due to the versions of JDK and Tomcat. It was found that the actual password of pegaadmin started with $ character. So the password of pegaadmin was changed by the DBA and the new password now starts with c. This password was encrypted by the command "java -jar SecureTomcatJDBC.jar c*******" and the new encrypted password was put into the context.xml file.
With the new password the decryption by Tomcat was successful and the issue is resolved.
So, this is a bug of the SecureTomcatJDBC.jar file.