RFC-18 completed (Encryption of database connections)
dmorissette at MAPGEARS.COM
Fri Aug 11 13:18:32 EDT 2006
Remember RFC-18, the encryption of database connection strings?
This has been completed and committed to 4.9 CVS earlier in June for OGR
and Oracle Spatial and appears to be working fine with all the tests we
made. I had also made the changes to mapsde.c and mappostgis.c but had
not committed the changes to those two files yet since I had no way to test.
I still have no way to test with SDE and should get postgis running on
my dev machine but don't have it at the moment, but since the changes
are trivial I committed them to mappostgis.c and mapsde.c a few minutes
ago without testing, hoping that everything would go smoothly. I don't
expect any side-effect, but if you notice any new problem with SDE or
Postgis connections that this could have introduced then let me know and
I'll have a look.
With this committed to CVS, we can consider RFC-18 complete.
In case you want to try/test the new feature, it's very straightforward:
1- Create an encryption key using the new msencrypt command-line utility:
msencrypt -keygen /path/to/mykey.txt
2- Set MS_ENCRYPTION_KEY in your mapfile (or in an env. var.) to point
to the encryption key:
CONFIG MS_ENCRYPTION_KEY "/path/to/mykey.txt"
3- Encrypt portions or full connection strings using msencrypt:
msencrypt -key /path/to/mykey.txt <string_to_encrypt>
4- Embed the encrypted strings in a CONNECTION string in the mapfile:
More information about the mapserver-dev