Re: FW: Information on encryption methodology of Jack Rabbit Repository

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: FW: Information on encryption methodology of Jack Rabbit Repository

justzzzz
Hi, I responded to this email already. Did you see my response?


On Fri, Jul 14, 2017 at 9:13 AM Dilipkumar S <[hidden email]>
wrote:

> Hello Users & Dev,
>
>
>
> Could someone please assist with the below case.
>
> Thanks & Regards,
> Dilipkumar S
>
>
>
> *From:* Dilipkumar S
> *Sent:* Wednesday, July 12, 2017 11:01 AM
> *To:* '[hidden email]' <[hidden email]>; '
> [hidden email]' <[hidden email]>
> *Cc:* '[hidden email]' <[hidden email]>; Florence
> Tournikian-Lalanne <[hidden email]>; '[hidden email]' <
> [hidden email]>
> *Subject:* Information on encryption methodology of Jack Rabbit Repository
>
>
>
> Hello Jack Rabbit,
>
>
>
> Am posting this mail to you with comments posted by Julian Reschke
> <https://issues.apache.org/jira/secure/ViewProfile.jspa?name=reschke>
> under below JIRA,
>
>
>
> https://issues.apache.org/jira/browse/JCR-4161
>
>
>
> We require your assistance with reference to Jack Rabbit repository. Here
> by am adding the detailed information of the case below:
>
>
>
> We have a Front end API using which the reports would be generated and the
> records will be stored in Jack Rabbit repository table DS_JCR_DATASTORE.
>
> Currently we are facing an issue under which the report generated with the
> Frontend API is not accessible using open/Save mode with below error
> appended in the logs:
>
> ===========
> 2017-07-03 15:10:31,462 | ERROR | defaultWIMFileBasedRealm/advisor | | |
> WebContainer : 1 | c.o.r.s.ContentRepositoryService | retrieveReport:
> Exception from the uderlying repository
> javax.jcr.PathNotFoundException: aaa/report/G7893420170703691287
> =============
>
> Based on the above error, we would like to perform analysis on whether the
> report generated exists or not with the repository table DS_JCR_DATASTORE,
> but we are restricted from performing the analysis due to below constraint:
>
> *The records generated and stored with DS_JCR_DATASTORE are in encrypted
> format*
>
> To do the analysis we need to map the relation between a session_id from
> the API against a record_id in repository table, therefore I request you to
> let us know *the steps to decrypt the encrypted data in the table*.
>
> I've attached the logs & sample data from DS_JCR_DATASTORE for your
> reference.
>
> Please let me know if you require any additional information.
>
> Thanks & Regards,
> Dilipkumar S
>
> The information in this e-mail and any attachments is confidential and may
> be legally privileged. It is intended solely for the addressee or
> addressees. Any use or disclosure of the contents of this
> e-mail/attachments by a not intended recipient is unauthorized and may be
> unlawful. If you have received this e-mail in error please notify the
> sender. Please note that any views or opinions presented in this e-mail are
> solely those of the author and do not necessarily represent those of
> TEMENOS. We recommend that you check this e-mail and any attachments
> against viruses. TEMENOS accepts no liability for any damage caused by any
> malicious code or virus transmitted by this e-mail.
>
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: FW: Information on encryption methodology of Jack Rabbit Repository

Dilipkumar S
Hello Justin,

I have not received your email.

Could you please re-forward me your response mail.

Thanks & Regards,
Dilipkumar S

From: Justin Edelson [mailto:[hidden email]]
Sent: Friday, July 14, 2017 9:17 PM
To: [hidden email]; [hidden email]
Cc: Florence Tournikian-Lalanne <[hidden email]>; Subhransu Samant <[hidden email]>; Umamaheswari Jayachandran <[hidden email]>; Dilipkumar S <[hidden email]>
Subject: Re: FW: Information on encryption methodology of Jack Rabbit Repository

Hi, I responded to this email already. Did you see my response?

On Fri, Jul 14, 2017 at 9:13 AM Dilipkumar S <[hidden email]<mailto:[hidden email]>> wrote:
Hello Users & Dev,

Could someone please assist with the below case.

Thanks & Regards,
Dilipkumar S

From: Dilipkumar S
Sent: Wednesday, July 12, 2017 11:01 AM
To: '[hidden email]<mailto:[hidden email]>' <[hidden email]<mailto:[hidden email]>>; '[hidden email]<mailto:[hidden email]>' <[hidden email]<mailto:[hidden email]>>
Cc: '[hidden email]<mailto:[hidden email]>' <[hidden email]<mailto:[hidden email]>>; Florence Tournikian-Lalanne <[hidden email]<mailto:[hidden email]>>; '[hidden email]<mailto:[hidden email]>' <[hidden email]<mailto:[hidden email]>>
Subject: Information on encryption methodology of Jack Rabbit Repository

Hello Jack Rabbit,

Am posting this mail to you with comments posted by Julian Reschke<https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_secure_ViewProfile.jspa-3Fname-3Dreschke&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=fNhsuJAWxF0tPcVT9_ztXXjtr7KgHfe3fZmWonxucms&m=oJCz9AVI8M4Gh54XCD6xa1hGW3C3iKwdSpKO29W84ZY&s=QIlQ8XKgYAySdlig7zy88i-BGMPiULlqkLSq3A6PsaE&e=> under below JIRA,

https://issues.apache.org/jira/browse/JCR-4161<https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_browse_JCR-2D4161&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=fNhsuJAWxF0tPcVT9_ztXXjtr7KgHfe3fZmWonxucms&m=oJCz9AVI8M4Gh54XCD6xa1hGW3C3iKwdSpKO29W84ZY&s=uapdvkwwFpG6TtJhSeDnKRtWIAQ6MSnrEBRM9uGqTXQ&e=>

We require your assistance with reference to Jack Rabbit repository. Here by am adding the detailed information of the case below:


We have a Front end API using which the reports would be generated and the records will be stored in Jack Rabbit repository table DS_JCR_DATASTORE.

Currently we are facing an issue under which the report generated with the Frontend API is not accessible using open/Save mode with below error appended in the logs:

===========
2017-07-03 15:10:31,462 | ERROR | defaultWIMFileBasedRealm/advisor | | | WebContainer : 1 | c.o.r.s.ContentRepositoryService | retrieveReport: Exception from the uderlying repository
javax.jcr.PathNotFoundException: aaa/report/G7893420170703691287
=============

Based on the above error, we would like to perform analysis on whether the report generated exists or not with the repository table DS_JCR_DATASTORE, but we are restricted from performing the analysis due to below constraint:

The records generated and stored with DS_JCR_DATASTORE are in encrypted format

To do the analysis we need to map the relation between a session_id from the API against a record_id in repository table, therefore I request you to let us know the steps to decrypt the encrypted data in the table.

I've attached the logs & sample data from DS_JCR_DATASTORE for your reference.

Please let me know if you require any additional information.

Thanks & Regards,
Dilipkumar S

The information in this e-mail and any attachments is confidential and may be legally privileged. It is intended solely for the addressee or addressees. Any use or disclosure of the contents of this e-mail/attachments by a not intended recipient is unauthorized and may be unlawful. If you have received this e-mail in error please notify the sender. Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of TEMENOS. We recommend that you check this e-mail and any attachments against viruses. TEMENOS accepts no liability for any damage caused by any malicious code or virus transmitted by this e-mail.

The information in this e-mail and any attachments is confidential and may be legally privileged. It is intended solely for the addressee or addressees. Any use or disclosure of the contents of this e-mail/attachments by a not intended recipient is unauthorized and may be unlawful. If you have received this e-mail in error please notify the sender. Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of TEMENOS. We recommend that you check this e-mail and any attachments against viruses. TEMENOS accepts no liability for any damage caused by any malicious code or virus transmitted by this e-mail.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: FW: Information on encryption methodology of Jack Rabbit Repository

Julian Reschke
On 2017-07-17 06:33, Dilipkumar S wrote:
> Hello Justin,
>
> I have not received your email.
>
> Could you please re-forward me your response mail.
 > ...

<http://markmail.org/message/iacfau7w6pms6fuv>


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: FW: Information on encryption methodology of Jack Rabbit Repository

Dilipkumar S
In reply to this post by justzzzz
Hi Justin,

Your response is shared to me by Julian Reschke:

=========
What leads you to believe that the data is encrypted? I suppose in theory it could be encrypted if you have a custom DataStore implementation or there is encryption done by the JDBC driver, but there's none in the standard DbDataStore itself.
=========

The data is actually not encrypted, to be specific it is hashed.

Our code interacts with Jack Rabbit API to insert the node key into VER_BUNDLE table, later the report file data is inserted into DS_JCR_DATASTORE.

Let me share you a piece of code which would be useful for you to understand the scenario.

===============

  String path = uri2xpath(uri);
  session = openReadWriteSession();
  createContentNode(uri, metadata, session);
  Node root = session.getRootNode();
  Node newNode = root.getNode(path);
  // set the node type to file
  //and set the content of the file
  Node reportNode = newNode.addNode(FILE_NODE, NodeType.NT_FILE);
  Node fileNode = reportNode.addNode(Node.JCR_CONTENT, NodeType.NT_RESOURCE);

  ValueFactory valueFactory = session.getValueFactory();
  Binary b = valueFactory.createBinary(fileIn);
  LOGGER.debug("CONTENT stored id JCR_DATA_STORE ="+b+ " , "+uri);
  fileNode.setProperty(Property.JCR_DATA, b);
===============


è  reportNode is what we are saving into VER_BUNDLE

è  fileNode is the actual file stored into DS_JCR_DATASTORE

We are halted with our analysis as the API belongs to JCR and was not sure how to extract the data stored in VER_BUNDLE to DATASTORE.

Could you please let us know on how the data is stored from VER_BUNDLE to DATASTORE.

If you are still unclear on the case, I would like to invite you to a conference call so that I could loop my product expert as well.

Thanks & Regards,
Dilipkumar S
From: Justin Edelson [mailto:[hidden email]]
Sent: Friday, July 14, 2017 9:17 PM
To: [hidden email]; [hidden email]
Cc: Florence Tournikian-Lalanne <[hidden email]>; Subhransu Samant <[hidden email]>; Umamaheswari Jayachandran <[hidden email]>; Dilipkumar S <[hidden email]>
Subject: Re: FW: Information on encryption methodology of Jack Rabbit Repository

Hi, I responded to this email already. Did you see my response?

On Fri, Jul 14, 2017 at 9:13 AM Dilipkumar S <[hidden email]<mailto:[hidden email]>> wrote:
Hello Users & Dev,

Could someone please assist with the below case.

Thanks & Regards,
Dilipkumar S

From: Dilipkumar S
Sent: Wednesday, July 12, 2017 11:01 AM
To: '[hidden email]<mailto:[hidden email]>' <[hidden email]<mailto:[hidden email]>>; '[hidden email]<mailto:[hidden email]>' <[hidden email]<mailto:[hidden email]>>
Cc: '[hidden email]<mailto:[hidden email]>' <[hidden email]<mailto:[hidden email]>>; Florence Tournikian-Lalanne <[hidden email]<mailto:[hidden email]>>; '[hidden email]<mailto:[hidden email]>' <[hidden email]<mailto:[hidden email]>>
Subject: Information on encryption methodology of Jack Rabbit Repository

Hello Jack Rabbit,

Am posting this mail to you with comments posted by Julian Reschke<https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_secure_ViewProfile.jspa-3Fname-3Dreschke&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=fNhsuJAWxF0tPcVT9_ztXXjtr7KgHfe3fZmWonxucms&m=oJCz9AVI8M4Gh54XCD6xa1hGW3C3iKwdSpKO29W84ZY&s=QIlQ8XKgYAySdlig7zy88i-BGMPiULlqkLSq3A6PsaE&e=> under below JIRA,

https://issues.apache.org/jira/browse/JCR-4161<https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_browse_JCR-2D4161&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=fNhsuJAWxF0tPcVT9_ztXXjtr7KgHfe3fZmWonxucms&m=oJCz9AVI8M4Gh54XCD6xa1hGW3C3iKwdSpKO29W84ZY&s=uapdvkwwFpG6TtJhSeDnKRtWIAQ6MSnrEBRM9uGqTXQ&e=>

We require your assistance with reference to Jack Rabbit repository. Here by am adding the detailed information of the case below:


We have a Front end API using which the reports would be generated and the records will be stored in Jack Rabbit repository table DS_JCR_DATASTORE.

Currently we are facing an issue under which the report generated with the Frontend API is not accessible using open/Save mode with below error appended in the logs:

===========
2017-07-03 15:10:31,462 | ERROR | defaultWIMFileBasedRealm/advisor | | | WebContainer : 1 | c.o.r.s.ContentRepositoryService | retrieveReport: Exception from the uderlying repository
javax.jcr.PathNotFoundException: aaa/report/G7893420170703691287
=============

Based on the above error, we would like to perform analysis on whether the report generated exists or not with the repository table DS_JCR_DATASTORE, but we are restricted from performing the analysis due to below constraint:

The records generated and stored with DS_JCR_DATASTORE are in encrypted format

To do the analysis we need to map the relation between a session_id from the API against a record_id in repository table, therefore I request you to let us know the steps to decrypt the encrypted data in the table.

I've attached the logs & sample data from DS_JCR_DATASTORE for your reference.

Please let me know if you require any additional information.

Thanks & Regards,
Dilipkumar S

The information in this e-mail and any attachments is confidential and may be legally privileged. It is intended solely for the addressee or addressees. Any use or disclosure of the contents of this e-mail/attachments by a not intended recipient is unauthorized and may be unlawful. If you have received this e-mail in error please notify the sender. Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of TEMENOS. We recommend that you check this e-mail and any attachments against viruses. TEMENOS accepts no liability for any damage caused by any malicious code or virus transmitted by this e-mail.

The information in this e-mail and any attachments is confidential and may be legally privileged. It is intended solely for the addressee or addressees. Any use or disclosure of the contents of this e-mail/attachments by a not intended recipient is unauthorized and may be unlawful. If you have received this e-mail in error please notify the sender. Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of TEMENOS. We recommend that you check this e-mail and any attachments against viruses. TEMENOS accepts no liability for any damage caused by any malicious code or virus transmitted by this e-mail.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: FW: Information on encryption methodology of Jack Rabbit Repository

justzzzz
Hi,
I'm not sure that I totally understand what your question is at this point.
It sounds like you are asking for the implementation details of the
PersistenceManager and DataSource implementations, but you haven't actually
specified which implementations you are using. I would suggest just looking
at the source code for the specific implementations you are using. That
will save everyone a lot of back and forth.

FWIW, in the normal Jackrabbit architecture, this statement is not true:

è  *fileNode* is the actual file stored into DS_JCR_DATASTORE

Per https://wiki.apache.org/jackrabbit/DataStore the DataStore stores the
binary *value*. So in your case, it is only storing the jcr:data property
of fileNode.

Regards,
Justin

On Mon, Jul 17, 2017 at 7:53 AM Dilipkumar S <[hidden email]>
wrote:

> Hi Justin,
>
>
>
> Your response is shared to me by Julian Reschke:
>
>
>
> =========
>
> What leads you to believe that the data is encrypted? I suppose in theory
> it could be encrypted if you have a custom DataStore implementation or
> there is encryption done by the JDBC driver, but there's none in the
> standard DbDataStore itself.
>
> =========
>
>
>
> The data is actually not encrypted, to be specific it is hashed.
>
>
>
> Our code interacts with Jack Rabbit API to insert the node key into
> VER_BUNDLE table, later the report file data is inserted into
> DS_JCR_DATASTORE.
>
>
>
> Let me share you a piece of code which would be useful for you to
> understand the scenario.
>
>
>
> ===============
>
>
>
>   String path = uri2xpath(uri);
>
>   session = openReadWriteSession();
>
>   createContentNode(uri, metadata, session);
>
>   Node root = session.getRootNode();
>
>   Node newNode = root.getNode(path);
>
>   // set the node type to file
>
>   //and set the content of the file
>
>   Node reportNode = newNode.addNode(*FILE_NODE*, NodeType.*NT_FILE*);
>
>   Node fileNode = reportNode.addNode(Node.*JCR_CONTENT*, NodeType.
> *NT_RESOURCE*);
>
>
>
>   ValueFactory valueFactory = session.getValueFactory();
>
>   Binary b = valueFactory.createBinary(fileIn);
>
>   *LOGGER*.debug("CONTENT stored id JCR_DATA_STORE ="+b+ " , "+uri);
>
>   fileNode.setProperty(Property.*JCR_DATA*, b);
>
> ===============
>
>
>
> è  *reportNode* is what we are saving into VER_BUNDLE
>
> è  *fileNode* is the actual file stored into DS_JCR_DATASTORE
>
>
>
> We are halted with our analysis as the API belongs to JCR and was not sure
> how to extract the data stored in VER_BUNDLE to DATASTORE.
>
>
>
> Could you please let us know on how the data is stored from VER_BUNDLE to
> DATASTORE.
>
>
>
> If you are still unclear on the case, I would like to invite you to a
> conference call so that I could loop my product expert as well.
>
>
>
> Thanks & Regards,
>
> Dilipkumar S
>
> *From:* Justin Edelson [mailto:[hidden email]]
>
> *Sent:* Friday, July 14, 2017 9:17 PM
> *To:* [hidden email]; [hidden email]
> *Cc:* Florence Tournikian-Lalanne <[hidden email]>; Subhransu
> Samant <[hidden email]>; Umamaheswari Jayachandran <
> [hidden email]>; Dilipkumar S <[hidden email]>
>
> *Subject:* Re: FW: Information on encryption methodology of Jack Rabbit
> Repository
>
>
>
> Hi, I responded to this email already. Did you see my response?
>
>
>
> On Fri, Jul 14, 2017 at 9:13 AM Dilipkumar S <[hidden email]>
> wrote:
>
> Hello Users & Dev,
>
>
>
> Could someone please assist with the below case.
>
> Thanks & Regards,
> Dilipkumar S
>
>
>
> *From:* Dilipkumar S
> *Sent:* Wednesday, July 12, 2017 11:01 AM
> *To:* '[hidden email]' <[hidden email]>; '
> [hidden email]' <[hidden email]>
> *Cc:* '[hidden email]' <[hidden email]>; Florence
> Tournikian-Lalanne <[hidden email]>; '[hidden email]' <
> [hidden email]>
> *Subject:* Information on encryption methodology of Jack Rabbit Repository
>
>
>
> Hello Jack Rabbit,
>
>
>
> Am posting this mail to you with comments posted by Julian Reschke
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_secure_ViewProfile.jspa-3Fname-3Dreschke&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=fNhsuJAWxF0tPcVT9_ztXXjtr7KgHfe3fZmWonxucms&m=oJCz9AVI8M4Gh54XCD6xa1hGW3C3iKwdSpKO29W84ZY&s=QIlQ8XKgYAySdlig7zy88i-BGMPiULlqkLSq3A6PsaE&e=>
> under below JIRA,
>
>
>
> https://issues.apache.org/jira/browse/JCR-4161
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_browse_JCR-2D4161&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=fNhsuJAWxF0tPcVT9_ztXXjtr7KgHfe3fZmWonxucms&m=oJCz9AVI8M4Gh54XCD6xa1hGW3C3iKwdSpKO29W84ZY&s=uapdvkwwFpG6TtJhSeDnKRtWIAQ6MSnrEBRM9uGqTXQ&e=>
>
>
>
> We require your assistance with reference to Jack Rabbit repository. Here
> by am adding the detailed information of the case below:
>
>
>
> We have a Front end API using which the reports would be generated and the
> records will be stored in Jack Rabbit repository table DS_JCR_DATASTORE.
>
> Currently we are facing an issue under which the report generated with the
> Frontend API is not accessible using open/Save mode with below error
> appended in the logs:
>
> ===========
> 2017-07-03 15:10:31,462 | ERROR | defaultWIMFileBasedRealm/advisor | | |
> WebContainer : 1 | c.o.r.s.ContentRepositoryService | retrieveReport:
> Exception from the uderlying repository
> javax.jcr.PathNotFoundException: aaa/report/G7893420170703691287
> =============
>
> Based on the above error, we would like to perform analysis on whether the
> report generated exists or not with the repository table DS_JCR_DATASTORE,
> but we are restricted from performing the analysis due to below constraint:
>
> *The records generated and stored with DS_JCR_DATASTORE are in encrypted
> format*
>
> To do the analysis we need to map the relation between a session_id from
> the API against a record_id in repository table, therefore I request you to
> let us know *the steps to decrypt the encrypted data in the table*.
>
> I've attached the logs & sample data from DS_JCR_DATASTORE for your
> reference.
>
> Please let me know if you require any additional information.
>
> Thanks & Regards,
> Dilipkumar S
>
>
> The information in this e-mail and any attachments is confidential and may
> be legally privileged. It is intended solely for the addressee or
> addressees. Any use or disclosure of the contents of this
> e-mail/attachments by a not intended recipient is unauthorized and may be
> unlawful. If you have received this e-mail in error please notify the
> sender. Please note that any views or opinions presented in this e-mail are
> solely those of the author and do not necessarily represent those of
> TEMENOS. We recommend that you check this e-mail and any attachments
> against viruses. TEMENOS accepts no liability for any damage caused by any
> malicious code or virus transmitted by this e-mail.
>
>
> The information in this e-mail and any attachments is confidential and may
> be legally privileged. It is intended solely for the addressee or
> addressees. Any use or disclosure of the contents of this
> e-mail/attachments by a not intended recipient is unauthorized and may be
> unlawful. If you have received this e-mail in error please notify the
> sender. Please note that any views or opinions presented in this e-mail are
> solely those of the author and do not necessarily represent those of
> TEMENOS. We recommend that you check this e-mail and any attachments
> against viruses. TEMENOS accepts no liability for any damage caused by any
> malicious code or virus transmitted by this e-mail.
>
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: FW: Information on encryption methodology of Jack Rabbit Repository

Sathyaprasad M V
Hi Justin,

We are using  DbDataStore -->
<param name="databaseType" value="/META-INF/sybase"/>
                              <param name="schemaObjectPrefix" value="JCR_"/>

For Implementation   DbFileSystem -->
       <param name="databaseType" value="/META-INF/sybaseFileSystem"/>
       <param name="schemaObjectPrefix" value="DS_"/>


What we are trying to do here is how to tie  our  node path  to  the Id in the JCR_DATASTORE  within Sybase DB.


Thanks
Sathya


From: Justin Edelson [mailto:[hidden email]]
Sent: Monday, July 17, 2017 6:18 PM
To: Dilipkumar S <[hidden email]>; [hidden email]; [hidden email]
Cc: Florence Tournikian-Lalanne <[hidden email]>; Subhransu Samant <[hidden email]>; Umamaheswari Jayachandran <[hidden email]>; Sathyaprasad M V <[hidden email]>
Subject: Re: FW: Information on encryption methodology of Jack Rabbit Repository

Hi,
I'm not sure that I totally understand what your question is at this point. It sounds like you are asking for the implementation details of the PersistenceManager and DataSource implementations, but you haven't actually specified which implementations you are using. I would suggest just looking at the source code for the specific implementations you are using. That will save everyone a lot of back and forth.

FWIW, in the normal Jackrabbit architecture, this statement is not true:

==>  fileNode is the actual file stored into DS_JCR_DATASTORE

Per https://wiki.apache.org/jackrabbit/DataStore<https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.apache.org_jackrabbit_DataStore&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=uwGVtwv28j-45wLlELFsHHFY5hqcqok7xneZSJ_E4I0&m=cKGQnfpAGG7WtTtq-J08F0zMNGu1vTFhT-gpk-4scHU&s=8LPjfR3AQ4OHcp02rT-rpJDflYbI6Nus5O0KsOxFMrM&e=> the DataStore stores the binary *value*. So in your case, it is only storing the jcr:data property of fileNode.

Regards,
Justin

On Mon, Jul 17, 2017 at 7:53 AM Dilipkumar S <[hidden email]<mailto:[hidden email]>> wrote:
Hi Justin,

Your response is shared to me by Julian Reschke:

=========
What leads you to believe that the data is encrypted? I suppose in theory it could be encrypted if you have a custom DataStore implementation or there is encryption done by the JDBC driver, but there's none in the standard DbDataStore itself.
=========

The data is actually not encrypted, to be specific it is hashed.

Our code interacts with Jack Rabbit API to insert the node key into VER_BUNDLE table, later the report file data is inserted into DS_JCR_DATASTORE.

Let me share you a piece of code which would be useful for you to understand the scenario.

===============

  String path = uri2xpath(uri);
  session = openReadWriteSession();
  createContentNode(uri, metadata, session);
  Node root = session.getRootNode();
  Node newNode = root.getNode(path);
  // set the node type to file
  //and set the content of the file
  Node reportNode = newNode.addNode(FILE_NODE, NodeType.NT_FILE);
  Node fileNode = reportNode.addNode(Node.JCR_CONTENT, NodeType.NT_RESOURCE);

  ValueFactory valueFactory = session.getValueFactory();
  Binary b = valueFactory.createBinary(fileIn);
  LOGGER.debug("CONTENT stored id JCR_DATA_STORE ="+b+ " , "+uri);
  fileNode.setProperty(Property.JCR_DATA, b);
===============


==>  reportNode is what we are saving into VER_BUNDLE

==>  fileNode is the actual file stored into DS_JCR_DATASTORE

We are halted with our analysis as the API belongs to JCR and was not sure how to extract the data stored in VER_BUNDLE to DATASTORE.

Could you please let us know on how the data is stored from VER_BUNDLE to DATASTORE.

If you are still unclear on the case, I would like to invite you to a conference call so that I could loop my product expert as well.

Thanks & Regards,
Dilipkumar S
From: Justin Edelson [mailto:[hidden email]<mailto:[hidden email]>]
Sent: Friday, July 14, 2017 9:17 PM
To: [hidden email]<mailto:[hidden email]>; [hidden email]<mailto:[hidden email]>
Cc: Florence Tournikian-Lalanne <[hidden email]<mailto:[hidden email]>>; Subhransu Samant <[hidden email]<mailto:[hidden email]>>; Umamaheswari Jayachandran <[hidden email]<mailto:[hidden email]>>; Dilipkumar S <[hidden email]<mailto:[hidden email]>>
Subject: Re: FW: Information on encryption methodology of Jack Rabbit Repository

Hi, I responded to this email already. Did you see my response?

On Fri, Jul 14, 2017 at 9:13 AM Dilipkumar S <[hidden email]<mailto:[hidden email]>> wrote:
Hello Users & Dev,

Could someone please assist with the below case.

Thanks & Regards,
Dilipkumar S

From: Dilipkumar S
Sent: Wednesday, July 12, 2017 11:01 AM
To: '[hidden email]<mailto:[hidden email]>' <[hidden email]<mailto:[hidden email]>>; '[hidden email]<mailto:[hidden email]>' <[hidden email]<mailto:[hidden email]>>
Cc: '[hidden email]<mailto:[hidden email]>' <[hidden email]<mailto:[hidden email]>>; Florence Tournikian-Lalanne <[hidden email]<mailto:[hidden email]>>; '[hidden email]<mailto:[hidden email]>' <[hidden email]<mailto:[hidden email]>>
Subject: Information on encryption methodology of Jack Rabbit Repository

Hello Jack Rabbit,

Am posting this mail to you with comments posted by Julian Reschke<https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_secure_ViewProfile.jspa-3Fname-3Dreschke&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=fNhsuJAWxF0tPcVT9_ztXXjtr7KgHfe3fZmWonxucms&m=oJCz9AVI8M4Gh54XCD6xa1hGW3C3iKwdSpKO29W84ZY&s=QIlQ8XKgYAySdlig7zy88i-BGMPiULlqkLSq3A6PsaE&e=> under below JIRA,

https://issues.apache.org/jira/browse/JCR-4161<https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_browse_JCR-2D4161&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=fNhsuJAWxF0tPcVT9_ztXXjtr7KgHfe3fZmWonxucms&m=oJCz9AVI8M4Gh54XCD6xa1hGW3C3iKwdSpKO29W84ZY&s=uapdvkwwFpG6TtJhSeDnKRtWIAQ6MSnrEBRM9uGqTXQ&e=>

We require your assistance with reference to Jack Rabbit repository. Here by am adding the detailed information of the case below:


We have a Front end API using which the reports would be generated and the records will be stored in Jack Rabbit repository table DS_JCR_DATASTORE.

Currently we are facing an issue under which the report generated with the Frontend API is not accessible using open/Save mode with below error appended in the logs:

===========
2017-07-03 15:10:31,462 | ERROR | defaultWIMFileBasedRealm/advisor | | | WebContainer : 1 | c.o.r.s.ContentRepositoryService | retrieveReport: Exception from the uderlying repository
javax.jcr.PathNotFoundException: aaa/report/G7893420170703691287
=============

Based on the above error, we would like to perform analysis on whether the report generated exists or not with the repository table DS_JCR_DATASTORE, but we are restricted from performing the analysis due to below constraint:

The records generated and stored with DS_JCR_DATASTORE are in encrypted format

To do the analysis we need to map the relation between a session_id from the API against a record_id in repository table, therefore I request you to let us know the steps to decrypt the encrypted data in the table.

I've attached the logs & sample data from DS_JCR_DATASTORE for your reference.

Please let me know if you require any additional information.

Thanks & Regards,
Dilipkumar S

The information in this e-mail and any attachments is confidential and may be legally privileged. It is intended solely for the addressee or addressees. Any use or disclosure of the contents of this e-mail/attachments by a not intended recipient is unauthorized and may be unlawful. If you have received this e-mail in error please notify the sender. Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of TEMENOS. We recommend that you check this e-mail and any attachments against viruses. TEMENOS accepts no liability for any damage caused by any malicious code or virus transmitted by this e-mail.

The information in this e-mail and any attachments is confidential and may be legally privileged. It is intended solely for the addressee or addressees. Any use or disclosure of the contents of this e-mail/attachments by a not intended recipient is unauthorized and may be unlawful. If you have received this e-mail in error please notify the sender. Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of TEMENOS. We recommend that you check this e-mail and any attachments against viruses. TEMENOS accepts no liability for any damage caused by any malicious code or virus transmitted by this e-mail.

The information in this e-mail and any attachments is confidential and may be legally privileged. It is intended solely for the addressee or addressees. Any use or disclosure of the contents of this e-mail/attachments by a not intended recipient is unauthorized and may be unlawful. If you have received this e-mail in error please notify the sender. Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of TEMENOS. We recommend that you check this e-mail and any attachments against viruses. TEMENOS accepts no liability for any damage caused by any malicious code or virus transmitted by this e-mail.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: FW: Information on encryption methodology of Jack Rabbit Repository

justzzzz
Hi,

"What we are trying to do here is how to tie  our  node path  to  the Id in
the JCR_DATASTORE  within Sybase DB."

You can't. At least not directly. Only the binary data is stored in the
DataStore identified using a hash of the binary content. The DataStore
itself knows nothing about node paths / property names.

The identifier (the hash) is stored in the PeristenceManager. The
PersistenceManager is what knows about node paths and property names.

You might want to review the "How It Works" section of the wiki page I
linked to before.

Regards,
Justin


On Mon, Jul 17, 2017 at 9:45 AM Sathyaprasad M V <[hidden email]>
wrote:

> Hi Justin,
>
>
>
> We are using  DbDataStore à
>
> <param name="databaseType" value="/META-INF/sybase"/>
>
>                               <param name="schemaObjectPrefix"
> value="JCR_"/>
>
>
>
> For Implementation   DbFileSystem à
>
>        <param name=*"databaseType"* value=*"/META-INF/sybaseFileSystem"*/>
>
>        <param name=*"schemaObjectPrefix"* value=*"DS_"*/>
>
>
>
>
>
> What we are trying to do here is how to tie  our  node *path  *to  the Id
> in the *JCR_DATASTORE*  within Sybase DB.
>
>
>
>
>
> Thanks
>
> Sathya
>
>
>
>
>
> *From:* Justin Edelson [mailto:[hidden email]]
> *Sent:* Monday, July 17, 2017 6:18 PM
> *To:* Dilipkumar S <[hidden email]>; [hidden email];
> [hidden email]
> *Cc:* Florence Tournikian-Lalanne <[hidden email]>; Subhransu
> Samant <[hidden email]>; Umamaheswari Jayachandran <
> [hidden email]>; Sathyaprasad M V <[hidden email]>
>
>
> *Subject:* Re: FW: Information on encryption methodology of Jack Rabbit
> Repository
>
>
>
> Hi,
>
> I'm not sure that I totally understand what your question is at this
> point. It sounds like you are asking for the implementation details of the
> PersistenceManager and DataSource implementations, but you haven't actually
> specified which implementations you are using. I would suggest just looking
> at the source code for the specific implementations you are using. That
> will save everyone a lot of back and forth.
>
>
>
> FWIW, in the normal Jackrabbit architecture, this statement is not true:
>
>
>
> è  *fileNode* is the actual file stored into DS_JCR_DATASTORE
>
>
>
> Per https://wiki.apache.org/jackrabbit/DataStore
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.apache.org_jackrabbit_DataStore&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=uwGVtwv28j-45wLlELFsHHFY5hqcqok7xneZSJ_E4I0&m=cKGQnfpAGG7WtTtq-J08F0zMNGu1vTFhT-gpk-4scHU&s=8LPjfR3AQ4OHcp02rT-rpJDflYbI6Nus5O0KsOxFMrM&e=>
> the DataStore stores the binary *value*. So in your case, it is only
> storing the jcr:data property of fileNode.
>
>
>
> Regards,
>
> Justin
>
>
>
> On Mon, Jul 17, 2017 at 7:53 AM Dilipkumar S <[hidden email]>
> wrote:
>
> Hi Justin,
>
>
>
> Your response is shared to me by Julian Reschke:
>
>
>
> =========
>
> What leads you to believe that the data is encrypted? I suppose in theory
> it could be encrypted if you have a custom DataStore implementation or
> there is encryption done by the JDBC driver, but there's none in the
> standard DbDataStore itself.
>
> =========
>
>
>
> The data is actually not encrypted, to be specific it is hashed.
>
>
>
> Our code interacts with Jack Rabbit API to insert the node key into
> VER_BUNDLE table, later the report file data is inserted into
> DS_JCR_DATASTORE.
>
>
>
> Let me share you a piece of code which would be useful for you to
> understand the scenario.
>
>
>
> ===============
>
>
>
>   String path = uri2xpath(uri);
>
>   session = openReadWriteSession();
>
>   createContentNode(uri, metadata, session);
>
>   Node root = session.getRootNode();
>
>   Node newNode = root.getNode(path);
>
>   // set the node type to file
>
>   //and set the content of the file
>
>   Node reportNode = newNode.addNode(*FILE_NODE*, NodeType.*NT_FILE*);
>
>   Node fileNode = reportNode.addNode(Node.*JCR_CONTENT*, NodeType.
> *NT_RESOURCE*);
>
>
>
>   ValueFactory valueFactory = session.getValueFactory();
>
>   Binary b = valueFactory.createBinary(fileIn);
>
>   *LOGGER*.debug("CONTENT stored id JCR_DATA_STORE ="+b+ " , "+uri);
>
>   fileNode.setProperty(Property.*JCR_DATA*, b);
>
> ===============
>
>
>
> è  *reportNode* is what we are saving into VER_BUNDLE
>
> è  *fileNode* is the actual file stored into DS_JCR_DATASTORE
>
>
>
> We are halted with our analysis as the API belongs to JCR and was not sure
> how to extract the data stored in VER_BUNDLE to DATASTORE.
>
>
>
> Could you please let us know on how the data is stored from VER_BUNDLE to
> DATASTORE.
>
>
>
> If you are still unclear on the case, I would like to invite you to a
> conference call so that I could loop my product expert as well.
>
>
>
> Thanks & Regards,
>
> Dilipkumar S
>
> *From:* Justin Edelson [mailto:[hidden email]]
>
> *Sent:* Friday, July 14, 2017 9:17 PM
> *To:* [hidden email]; [hidden email]
> *Cc:* Florence Tournikian-Lalanne <[hidden email]>; Subhransu
> Samant <[hidden email]>; Umamaheswari Jayachandran <
> [hidden email]>; Dilipkumar S <[hidden email]>
>
> *Subject:* Re: FW: Information on encryption methodology of Jack Rabbit
> Repository
>
>
>
> Hi, I responded to this email already. Did you see my response?
>
>
>
> On Fri, Jul 14, 2017 at 9:13 AM Dilipkumar S <[hidden email]>
> wrote:
>
> Hello Users & Dev,
>
>
>
> Could someone please assist with the below case.
>
> Thanks & Regards,
> Dilipkumar S
>
>
>
> *From:* Dilipkumar S
> *Sent:* Wednesday, July 12, 2017 11:01 AM
> *To:* '[hidden email]' <[hidden email]>; '
> [hidden email]' <[hidden email]>
> *Cc:* '[hidden email]' <[hidden email]>; Florence
> Tournikian-Lalanne <[hidden email]>; '[hidden email]' <
> [hidden email]>
> *Subject:* Information on encryption methodology of Jack Rabbit Repository
>
>
>
> Hello Jack Rabbit,
>
>
>
> Am posting this mail to you with comments posted by Julian Reschke
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_secure_ViewProfile.jspa-3Fname-3Dreschke&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=fNhsuJAWxF0tPcVT9_ztXXjtr7KgHfe3fZmWonxucms&m=oJCz9AVI8M4Gh54XCD6xa1hGW3C3iKwdSpKO29W84ZY&s=QIlQ8XKgYAySdlig7zy88i-BGMPiULlqkLSq3A6PsaE&e=>
> under below JIRA,
>
>
>
> https://issues.apache.org/jira/browse/JCR-4161
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_browse_JCR-2D4161&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=fNhsuJAWxF0tPcVT9_ztXXjtr7KgHfe3fZmWonxucms&m=oJCz9AVI8M4Gh54XCD6xa1hGW3C3iKwdSpKO29W84ZY&s=uapdvkwwFpG6TtJhSeDnKRtWIAQ6MSnrEBRM9uGqTXQ&e=>
>
>
>
> We require your assistance with reference to Jack Rabbit repository. Here
> by am adding the detailed information of the case below:
>
>
>
> We have a Front end API using which the reports would be generated and the
> records will be stored in Jack Rabbit repository table DS_JCR_DATASTORE.
>
> Currently we are facing an issue under which the report generated with the
> Frontend API is not accessible using open/Save mode with below error
> appended in the logs:
>
> ===========
> 2017-07-03 15:10:31,462 | ERROR | defaultWIMFileBasedRealm/advisor | | |
> WebContainer : 1 | c.o.r.s.ContentRepositoryService | retrieveReport:
> Exception from the uderlying repository
> javax.jcr.PathNotFoundException: aaa/report/G7893420170703691287
> =============
>
> Based on the above error, we would like to perform analysis on whether the
> report generated exists or not with the repository table DS_JCR_DATASTORE,
> but we are restricted from performing the analysis due to below constraint:
>
> *The records generated and stored with DS_JCR_DATASTORE are in encrypted
> format*
>
> To do the analysis we need to map the relation between a session_id from
> the API against a record_id in repository table, therefore I request you to
> let us know *the steps to decrypt the encrypted data in the table*.
>
> I've attached the logs & sample data from DS_JCR_DATASTORE for your
> reference.
>
> Please let me know if you require any additional information.
>
> Thanks & Regards,
> Dilipkumar S
>
>
> The information in this e-mail and any attachments is confidential and may
> be legally privileged. It is intended solely for the addressee or
> addressees. Any use or disclosure of the contents of this
> e-mail/attachments by a not intended recipient is unauthorized and may be
> unlawful. If you have received this e-mail in error please notify the
> sender. Please note that any views or opinions presented in this e-mail are
> solely those of the author and do not necessarily represent those of
> TEMENOS. We recommend that you check this e-mail and any attachments
> against viruses. TEMENOS accepts no liability for any damage caused by any
> malicious code or virus transmitted by this e-mail.
>
>
> The information in this e-mail and any attachments is confidential and may
> be legally privileged. It is intended solely for the addressee or
> addressees. Any use or disclosure of the contents of this
> e-mail/attachments by a not intended recipient is unauthorized and may be
> unlawful. If you have received this e-mail in error please notify the
> sender. Please note that any views or opinions presented in this e-mail are
> solely those of the author and do not necessarily represent those of
> TEMENOS. We recommend that you check this e-mail and any attachments
> against viruses. TEMENOS accepts no liability for any damage caused by any
> malicious code or virus transmitted by this e-mail.
>
>
> The information in this e-mail and any attachments is confidential and may
> be legally privileged. It is intended solely for the addressee or
> addressees. Any use or disclosure of the contents of this
> e-mail/attachments by a not intended recipient is unauthorized and may be
> unlawful. If you have received this e-mail in error please notify the
> sender. Please note that any views or opinions presented in this e-mail are
> solely those of the author and do not necessarily represent those of
> TEMENOS. We recommend that you check this e-mail and any attachments
> against viruses. TEMENOS accepts no liability for any damage caused by any
> malicious code or virus transmitted by this e-mail.
>
Loading...