Setting up password encryption after upgrading
After upgrading your Pentaho Server to the latest version, you can set up password encryption to help meet your organization's security needs. To get started, you must first set up the server to work with password encryption before applying it.
Perform the following actions if you want to set up your system for password encryption:
- Modify the Tomcat Context XML file.
- Update the Jackrabbit Repository XML file.
- Verify your Quartz properties.
- Update your Hibernate configuration.
Modify the Tomcat context XML file
Perform the following steps to modify the context.xml file to reflect encryption password changes for your database connection and network information.
Procedure
If you had any previous customizations to the context.xml file before upgrading and you have not already applied these customizations to the 9.4 version of the file, merge your customizations into the context.xml file. See Apply customizations for instructions.
NotePassword encryption requires the 9.1 or later version of the context.xml file.Navigate to the pentaho/server/pentaho-server/tomcat/webapps/pentaho/META-INF directory and open the context.xml file with any file editor.
Locate all occurrences of the following
factory
setting:factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
Replace every occurrence of the
factory
setting with the following value:factory="org.pentaho.di.core.database.util.DecryptingDataSourceFactory"
Locate the type of database you are using as the Pentaho Repository and add the following lines of code to the end of the
Resource
block to include Jackrabbit, which handles password encryption:Postgres
<Resource name="jdbc/jackrabbit" auth="Container" type="javax.sql.DataSource" factory="org.pentaho.di.core.database.util.DecryptingDataSourceFactory" maxActive="20" minIdle="0" maxIdle="5" initialSize="0" maxWait="10000" username="jcr_user" password="password" driverClassName="org.postgresql.Driver" url="jdbc:postgresql://localhost:5432/jackrabbit" validationQuery="select 1"/>
MySQL
<Resource name="jdbc/jackrabbit" auth="Container" type="javax.sql.DataSource" factory="org.pentaho.di.core.database.util.DecryptingDataSourceFactory" maxActive="20" minIdle="0" maxIdle="5" initialSize="0" maxWait="10000" username="jcr_user" password="password" driverClassName="com.mysql.jdbc.Driver" url="jdbc:mysql://localhost:3306/jackrabbit" validationQuery="select 1"/>
Oracle
Be sure to also replace
XE
in the URL setting to reflect the name of your schema:<Resource name="jdbc/jackrabbit" auth="Container" type="javax.sql.DataSource" factory="org.pentaho.di.core.database.util.DecryptingDataSourceFactory" maxActive="20" minIdle="0" maxIdle="5" initialSize="0" maxWait="10000" username="jcr_user" password="password" driverClassName="oracle.jdbc.OracleDriver" url="jdbc:oracle:thin:@localhost:1521/XE" validationQuery="select 1 from dual"/>
MS SQL Server
<Resource name="jdbc/jackrabbit" auth="Container" type="javax.sql.DataSource" factory="org.pentaho.di.core.database.util.DecryptingDataSourceFactory" maxActive="20" minIdle="0" maxIdle="5" initialSize="0" maxWait="10000" username="jcr_user" password="password" driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver" url="jdbc:sqlserver://localhost:1433;DatabaseName=jackrabbit" validationQuery="select 1"/>
Save and close the context.xml file.
Restart the server and confirm no errors occurred.
Depending on the error, you may need to contact your customer support representative for help.
Results
Update the Jackrabbit Repository XML file
Perform the following steps to update the repository.xml file to use password encryption.
Procedure
If you are using a database other than Postgres for your Pentaho Repository, perform the following substeps:
Navigate to the pentaho/server/pentaho-server/pentaho-solutions/system/jackrabbit directory and open the repository.xml file with any file editor.
Comment out any references to databases other than the database you are using for the Pentaho Repository in each of the following sections, and uncomment the sections that apply to your database:
- Repository
- DataStore
- Workspaces
- PersistenceManager (1st part)
- Versioning
- PersistenceManager (2nd part)
- DatabaseJournal
Save and close the repository.xml file.
If your repository.xml file contained any customizations before upgrading and you have not yet applied these customizations to the 9.4 version of the file, merge your customizations into the repository.xml file. See Address customizations with post-upgrade versions for instructions.
Stop and restart the server to confirm no errors occurred.
Depending on the error, you may need to contact your customer support representative for help.
Verify your Quartz properties
Perform the following steps to verify the quartz.properties file has the correct JNDI information:
Procedure
Navigate to the pentaho/server/pentaho-server/pentaho-solutions/system/quartz directory and open the quartz.properties file with any file editor.
Verify the following line of code appears in the file:
org.quartz.dataSource.myDS.jndiURL = Quartz
If the line of code associated with JNDI does not appear in the quartz.properties file, perform the following action depending on whether you have any previous customizations to the quartz.properties file:
- If you have not customized the quartz.properties file, add the line of code to the file.
- If you have customized the quartz.properties file before upgrading and you have not already applied these customizations to the 9.4 version of the file, merge your customizations into the quartz.properties file. See Apply customizations for instructions.
Close the quartz.properties file.
Restart the server and confirm no errors occurred.
Depending on the error, you may need to contact your customer support representative for help.
Results
Update your Hibernate configuration
Perform the following steps to update the Hibernate configuration file for Pentaho 9.4.
Procedure
Navigate to the pentaho/server/pentaho-server/pentaho-solutions/system/hibernate directory.
Perform the following action depending on whether you have previously customized the hibernate.cfg.xml file for your database type:
- If you have not customized the hibernate.cfg.xml file, replace the existing version of the file with the hibernate.cfg.xml.merge.post-upgrade file. The hibernate.cfg.xml.merge.post-upgrade file is the 9.4 version of the file.
- If you have customized the hibernate.cfg.xml file before upgrading and you have not yet applied these customizations to the 9.4 version of the file, merge your customizations into the hibernate.cfg.xml file. See Apply customizations for instructions.
Restart the server and confirm no errors occurred.
Depending on the error, you may need to contact your customer support representative for help.
Results
Next steps