Error implementing Jasypt with Hibernate 3 and Struts 2

StackOverflow https://stackoverflow.com/questions/3291442

Question

I'm trying to encrypt passwords in a webapp using Jasypt with hibernate 3. I followed the instructions on the jasypt website.

Here's my hibernate mapping :

<hibernate-mapping package="webapp.entity">

  <typedef name="encrypted" class="org.jasypt.hibernate.type.EncryptedStringType">
    <param name="encryptorRegisteredName">strongHibernateStringEncryptor</param>
  </typedef>

  <class name="User" table="Users">
    <id name="name"
      column="name"
      type="string">
    </id>

    <property name="passwd"
      column="passwd"
      type="encrypted"
      not-null="true">
    </property>

  </class>

</hibernate-mapping>

Now I register the encryptor each time I open a session with hibernate :

public void initHibSession() {
    HibernateUtil.buildSessionFactory();
    hib_session = HibernateUtil.getSessionFactory().getCurrentSession();
    if (hib_session != null && hib_session.isOpen()) {
        hib_session.close();
        hib_session = HibernateUtil.getSessionFactory().openSession();
    }
    hib_session.beginTransaction();

    StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
    strongEncryptor.setPassword("aStrongPassword");
    HibernatePBEEncryptorRegistry registry = HibernatePBEEncryptorRegistry.getInstance();
    registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor);
}

Then, each time I try to access a user, this exception is thrown :

FreeMarker template error!

Method public java.lang.String  org.apache.commons.lang.exception.NestableRuntimeException.getMessage(int) threw an       exception when invoked on org.jasypt.exceptions.EncryptionInitializationException: No string encryptor registered for hibernate with name "strongHibernateEncryptor"
The problematic instruction:
----------
==&gt; ${msgs[0][0]} [on line 76, column 25 in org/apache/struts2/dispatcher/error.ftl]
----------

Java backtrace for programmers:
----------
freemarker.template.TemplateModelException: Method public java.lang.String  org.apache.commons.lang.exception.NestableRuntimeException.getMessage(int) threw an exception when invoked on org.jasypt.exceptions.EncryptionInitializationException: No string encryptor registered for hibernate with name "strongHibernateEncryptor"
at freemarker.ext.beans.SimpleMethodModel.exec(SimpleMethodModel.java:130)
at freemarker.ext.beans.SimpleMethodModel.get(SimpleMethodModel.java:138)
at freemarker.core.DynamicKeyName.dealWithNumericalKey(DynamicKeyName.java:111)
at freemarker.core.DynamicKeyName._getAsTemplateModel(DynamicKeyName.java:90)
at freemarker.core.Expression.getAsTemplateModel(Expression.java:89)
at freemarker.core.Expression.getStringValue(Expression.java:93)
at freemarker.core.DollarVariable.accept(DollarVariable.java:76)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.MixedContent.accept(MixedContent.java:92)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.IfBlock.accept(IfBlock.java:82)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.IfBlock.accept(IfBlock.java:82)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.MixedContent.accept(MixedContent.java:92)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.Environment.process(Environment.java:190)
at freemarker.template.Template.process(Template.java:237)
at org.apache.struts2.dispatcher.Dispatcher.sendError(Dispatcher.java:748)
at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:505)
at org.apache.struts2.dispatcher.ng.ExecuteOperations.executeAction(ExecuteOperations.java:77)
at org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:91)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:636)
Caused by: java.lang.NullPointerException
at     freemarker.ext.beans.SimpleMemberModel.unwrapArguments(SimpleMemberModel.java:85)
at freemarker.ext.beans.SimpleMethodModel.exec(SimpleMethodModel.java:106)
... 33 more

Anybody have an idea for implementing jasypt with Hibernate 3 and Struts 2 or can help me with this error ? (I have to use jasypt)

Was it helpful?

Solution

It's ok, the problem was the encryptor registered name in the mapping :

<param name="encryptorRegisteredName">strongHibernateEncryptor</param>

When I registered it, I add "String" in the name : 

registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor);

Have to set a password too :

strongEncryptor.setPassword("aStrongPassword");

No more error now.

(I edit my code above to reflect the changes)

OTHER TIPS

You should be aware that the hibernate / jaspyt encryption is PBE based and reversible, meaning that it's only encrypted in the database, not in the app.

For passwords especially, it's better to use digest based encryption that is not reversible -- the StrongPasswordEncryptor is really what you should be using in the above case.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top