Custom property handling with ant

4
votes

We have a properties file (e.g. db.properties) that contains the credentials for a database access. Example:

db.jdbc.user=johndoe 
db.jdbc.password=topsecret

We have many ant scripts that read this file and execute various tasks. Example:

<!--Initialize the environment-->
<target name="environment">

<!--Read database connection properties-->
    <property file="$../db.properties"/>
    ...
</target>

<target name="dbping"
    description="Test the database connectivity with the current settings."
    depends="environment">
    ...
    <sql driver="oracle.jdbc.OracleDriver"
         url="${db.jdbc.url}"
         userid="${db.jdbc.user}"
         password="${db.jdbc.password}"
         classpathref="classpath.jdbc"
         print="true"
         showheaders="false">
         SELECT 'JDBC connect: successful!' FROM dual;
    </sql>

    ...
</target>

Now the client wants that the password in the db.properties is encrypted by using their encryption lib provided within a .jar file, e.g.:

db.jdbc.user=johndoe
db.jdbc.password.encrypted=true
db.jdbc.password=018Dal0AdnE=|ySHZl0FsnYOvM+114Q1hNA==

What we want to is to achieve the decryption with minimum modifications of the tons of ant files. I've heard about the enhanced property handling in Ant 1.8, but we use Ant 1.7.1.

What is the best solution for this - custom task, some magic with the PropertyHelper instance, something else?

Thanks in advance for your hints.

2
javaant

2 Answers

1
votes

I think the approach you want to take is the wrapper approach that you can do within ant.

parent ant script: 

<target name="decrypt">    
  <exec executable="myJar">
    <arg value="encryptedString"/>
  </exec>
</target>  
    <target name="build-foo">
        <subant target="build">
          <fileset dir="${test.home}" includes="Foobuild.xml"/>
        </subant>
    </target>

    <target name="build-bar">
        <subant target="build">
          <fileset dir="${test.home}" includes="Barbuild.xml"/>
        </subant>
    </target>

use subant
and exec (POTENTIALLY DANGEROUS)

What you want to do is drop each of your subscripts into this parent build file and pass around the unencrypted String to each of the scripts as a parameter / read in from a property.

1
votes

The solution that I preferred is to handle the problem with my own custom task. This required minimum changes. In our ant script this task looks like this:

<!--Initialize the environment-->
<target name="environment">

    <!--Read database connection properties-->
    <property file="$../db.properties"/>
    ...

    <decryptpwd passwordProperty="db.jdbc.password"/>

</target>

The task is also trivial. It looks like this:

public class DecryptPassword extends Task
{
    @Override
    public void execute()
    {
        ...
        PropertyHelper.getPropertyHelper(getProject()).setProperty(null, passwordProperty, getDecryptedPassword(),
                            false);
        ...                 
    }
}

And yeap - it seems to work ;-)