Encrypted fields in Liferay Objects.
Arvind Handa
?????????????? ?????????????????? ????????? ????????? ????????????? ????????????? ???????? ??????????????????? ????????? ??????? ??????????? ??????????????? ???????????
What is encrypted fields?
Liferay provides the encrypted field type for storing sensitive user data.
Encrypted fields in Liferay objects refer to the practice of encrypting specific data fields within objects created and managed using the Liferay platform. This approach enhances data security and privacy, especially when dealing with sensitive or personally identifiable information (PII). Here are some key points about encrypted fields in Liferay objects:
Encrypted fields in Liferay objects are a critical component of data security and privacy, allowing organizations to protect sensitive information within their Liferay-based applications and comply with data protection regulations.
How to use
To use encrypted fields, first add an encryption algorithm and key to your portal properties. Then add an encrypted field to your object definition. Once data is encrypted, only users with the decryption key can read it.
Required Liferay Version : 7.4 U72+ / GA72+
Adding an Encryption Algorithm and Key
To use encryption algorithms and keys for objects, you must add below properties to your portal-ext.properties file:
object.encryption.algorithm = [value]
object.encryption.key = [value]
领英推荐
Supported algorithm values include AES, Blowfish, and DES. Encryption key values must use base64 encoding. For example:
object.encryption.algorithm = AES
object.encryption.key = D9z5Rwxkn+8SctNWW/q/OA==
Adding an Encrypted Field
Accessing Encrypted Data
Only users with the decryption key can read encrypted field values. If your Liferay instance has a valid encryption key, authorized users can view and export the field’s data via the Liferay UI or REST APIs.
If an encryption key is lost or becomes invalid, users cannot access or export entries for any object definition with encrypted fields. When attempted, Liferay returns a 400 error and directs users to either insert a valid encryption key or remove the object’s encrypted fields to recover your entries.
Losing your key can result in data loss. Please manage your encryption key with care.
IMPORTANT NOTE
Encrypted fields store string values and cannot be used to encrypt images or file types. Filtering, sorting, and indexing are not supported for encrypted fields. Additionally, field encryption is not available for proxy object definitions.
Senior Software Engineer at INTECH
1 年Thank you for sharing this article.