Mapping encryption

The executeMapping.properties file stores user identifiers and passwords that are used to access the Integration Composer repository and the source and target data sources when mappings are executed. This file can be used to run the executeMapping.bat or executeMapping.sh files securely.

Table 1. executeMapping.properties file
Property	Description
MAPPINGNAME	Name of the mapping. Use the name that you assign to this mapping when you create the mapping.
REPOSITORYUSER	User identifier for the Integration Composer repository.
REPOSITORYPWD	Password for the Integration Composer repository.
SOURCEUSER	User identifier for the source data source for the mapping.
SOURCEPWD	Password for the source data source for the mapping.
TARGETUSER	User identifier for the target data source for the mapping.
TARGETPWD	Password for the target data source for the mapping.

To enhance security when executing mappings, administrators can run a script that encrypts the passwords in this file.

To encrypt an executeMapping.properties file, administrators specify user names and passwords in the properties file and then run the appropriate encryption script:

encryptExecuteMappingProperties.bat (Microsoft Windows systems)
encryptExecuteMappingProperties.sh (UNIX systems)

The encryption scripts are in the bin folder of the Integration Composer installation directory.

To run the script, use the syntax:

Microsoft Windows	UNIX
`encryptExecuteMappingProperties.bat <file_name>`	`encryptExecuteMappingProperties.sh <fully_qualified_file_name>`

Where the <file name> is the name of the executeMapping.properties file that you created for this mapping.

After the script is run, the executeMapping.bat file can run the mapping with the encrypted passwords.

Validation

By default, the Integration Composer encryption utility validates that the passwords are correct. Validation is done by attempting to connect to the data sources that are specified in a mapping.

To skip the step that validates data source and target connections, use the -s parameter. For example:

Microsoft Windows	UNIX
`encryptExecuteMappingProperties.bat -s <file_name>`	`encryptExecuteMappingProperties.sh -s <fully_qualified_file_name>`

Using the -s parameter encrypts the file even if the connections are not successful.

The encryption utility encrypts the values specified in the executeMapping.properties file without validating the connections.

Encrypting multiple files

If you want more than one properties file to use for different mapping executions, you can create multiple properties files by copying and renaming the executeMapping.properties file.

You can use the encryption script to encrypt multiple files at one time. For example:

Microsoft Windows UNIX

Microsoft Windows	UNIX
`encryptExecuteMappingProperties.bat [-s] <filename_1> <filename_2>...<filename_n>`	`encryptExecuteMappingProperties.sh [-s] <fully_qualified_filename_1> <fully_qualified_filename_2>...<fully_qualified_filename_n>`

encryptExecuteMappingProperties.bat [-s] <filename_1>
<filename_2>...<filename_n>

encryptExecuteMappingProperties.sh [-s]
<fully_qualified_filename_1>
<fully_qualified_filename_2>...<fully_qualified_filename_n>

The -s option applies to all files. If you omit the -s, all files are validated. If you include the -s, no files are validated.

Feedback