RE: FW: Information on encryption methodology of Jack Rabbit Repository

[Sathyaprasad M V]

Hi Justin,

We are using  DbDataStore -->
<param name="databaseType" value="/META-INF/sybase"/>
                              <param name="schemaObjectPrefix" value="JCR_"/>

For Implementation   DbFileSystem -->
       <param name="databaseType" value="/META-INF/sybaseFileSystem"/>
       <param name="schemaObjectPrefix" value="DS_"/>


What we are trying to do here is how to tie  our  node path  to  the Id in the 
JCR_DATASTORE  within Sybase DB.


Thanks
Sathya


From: Justin Edelson [mailto:jus...@justinedelson.com]
Sent: Monday, July 17, 2017 6:18 PM
To: Dilipkumar S <dilipkum...@temenos.com>; d...@jackrabbit.apache.org; 
users@jackrabbit.apache.org
Cc: Florence Tournikian-Lalanne <flala...@temenos.com>; Subhransu Samant 
<subhra...@temenos.com>; Umamaheswari Jayachandran <umamaheswa...@temenos.com>; 
Sathyaprasad M V <msathyapra...@temenos.com>
Subject: Re: FW: Information on encryption methodology of Jack Rabbit Repository

Hi,
I'm not sure that I totally understand what your question is at this point. It 
sounds like you are asking for the implementation details of the 
PersistenceManager and DataSource implementations, but you haven't actually 
specified which implementations you are using. I would suggest just looking at 
the source code for the specific implementations you are using. That will save 
everyone a lot of back and forth.

FWIW, in the normal Jackrabbit architecture, this statement is not true:

==>  fileNode is the actual file stored into DS_JCR_DATASTORE

Per 
https://wiki.apache.org/jackrabbit/DataStore<https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.apache.org_jackrabbit_DataStore&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=uwGVtwv28j-45wLlELFsHHFY5hqcqok7xneZSJ_E4I0&m=cKGQnfpAGG7WtTtq-J08F0zMNGu1vTFhT-gpk-4scHU&s=8LPjfR3AQ4OHcp02rT-rpJDflYbI6Nus5O0KsOxFMrM&e=>
 the DataStore stores the binary *value*. So in your case, it is only storing 
the jcr:data property of fileNode.

Regards,
Justin

On Mon, Jul 17, 2017 at 7:53 AM Dilipkumar S 
<dilipkum...@temenos.com<mailto:dilipkum...@temenos.com>> wrote:
Hi Justin,

Your response is shared to me by Julian Reschke:

=========
What leads you to believe that the data is encrypted? I suppose in theory it 
could be encrypted if you have a custom DataStore implementation or there is 
encryption done by the JDBC driver, but there's none in the standard 
DbDataStore itself.
=========

The data is actually not encrypted, to be specific it is hashed.

Our code interacts with Jack Rabbit API to insert the node key into VER_BUNDLE 
table, later the report file data is inserted into DS_JCR_DATASTORE.

Let me share you a piece of code which would be useful for you to understand 
the scenario.

===============

  String path = uri2xpath(uri);
  session = openReadWriteSession();
  createContentNode(uri, metadata, session);
  Node root = session.getRootNode();
  Node newNode = root.getNode(path);
  // set the node type to file
  //and set the content of the file
  Node reportNode = newNode.addNode(FILE_NODE, NodeType.NT_FILE);
  Node fileNode = reportNode.addNode(Node.JCR_CONTENT, NodeType.NT_RESOURCE);

  ValueFactory valueFactory = session.getValueFactory();
  Binary b = valueFactory.createBinary(fileIn);
  LOGGER.debug("CONTENT stored id JCR_DATA_STORE ="+b+ " , "+uri);
  fileNode.setProperty(Property.JCR_DATA, b);
===============


==>  reportNode is what we are saving into VER_BUNDLE

==>  fileNode is the actual file stored into DS_JCR_DATASTORE

We are halted with our analysis as the API belongs to JCR and was not sure how 
to extract the data stored in VER_BUNDLE to DATASTORE.

Could you please let us know on how the data is stored from VER_BUNDLE to 
DATASTORE.

If you are still unclear on the case, I would like to invite you to a 
conference call so that I could loop my product expert as well.

Thanks & Regards,
Dilipkumar S
From: Justin Edelson 
[mailto:jus...@justinedelson.com<mailto:jus...@justinedelson.com>]
Sent: Friday, July 14, 2017 9:17 PM
To: d...@jackrabbit.apache.org<mailto:d...@jackrabbit.apache.org>; 
users@jackrabbit.apache.org<mailto:users@jackrabbit.apache.org>
Cc: Florence Tournikian-Lalanne 
<flala...@temenos.com<mailto:flala...@temenos.com>>; Subhransu Samant 
<subhra...@temenos.com<mailto:subhra...@temenos.com>>; Umamaheswari 
Jayachandran <umamaheswa...@temenos.com<mailto:umamaheswa...@temenos.com>>; 
Dilipkumar S <dilipkum...@temenos.com<mailto:dilipkum...@temenos.com>>
Subject: Re: FW: Information on encryption methodology of Jack Rabbit Repository

Hi, I responded to this email already. Did you see my response?

On Fri, Jul 14, 2017 at 9:13 AM Dilipkumar S 
<dilipkum...@temenos.com<mailto:dilipkum...@temenos.com>> wrote:
Hello Users & Dev,

Could someone please assist with the below case.

Thanks & Regards,
Dilipkumar S

From: Dilipkumar S
Sent: Wednesday, July 12, 2017 11:01 AM
To: 'users@jackrabbit.apache.org<mailto:users@jackrabbit.apache.org>' 
<users@jackrabbit.apache.org<mailto:users@jackrabbit.apache.org>>; 
'd...@jackrabbit.apache.org<mailto:d...@jackrabbit.apache.org>' 
<d...@jackrabbit.apache.org<mailto:d...@jackrabbit.apache.org>>
Cc: 'subhra...@temenos.com<mailto:subhra...@temenos.com>' 
<subhra...@temenos.com<mailto:subhra...@temenos.com>>; Florence 
Tournikian-Lalanne <flala...@temenos.com<mailto:flala...@temenos.com>>; 
'umamaheswa...@temenos.com<mailto:umamaheswa...@temenos.com>' 
<umamaheswa...@temenos.com<mailto:umamaheswa...@temenos.com>>
Subject: Information on encryption methodology of Jack Rabbit Repository

Hello Jack Rabbit,

Am posting this mail to you with comments posted by Julian 
Reschke<https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_secure_ViewProfile.jspa-3Fname-3Dreschke&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=fNhsuJAWxF0tPcVT9_ztXXjtr7KgHfe3fZmWonxucms&m=oJCz9AVI8M4Gh54XCD6xa1hGW3C3iKwdSpKO29W84ZY&s=QIlQ8XKgYAySdlig7zy88i-BGMPiULlqkLSq3A6PsaE&e=>
 under below JIRA,

https://issues.apache.org/jira/browse/JCR-4161<https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_browse_JCR-2D4161&d=DwMFaQ&c=U-xfQUIl-0G8P2IcZBeK3A&r=fNhsuJAWxF0tPcVT9_ztXXjtr7KgHfe3fZmWonxucms&m=oJCz9AVI8M4Gh54XCD6xa1hGW3C3iKwdSpKO29W84ZY&s=uapdvkwwFpG6TtJhSeDnKRtWIAQ6MSnrEBRM9uGqTXQ&e=>

We require your assistance with reference to Jack Rabbit repository. Here by am 
adding the detailed information of the case below:


We have a Front end API using which the reports would be generated and the 
records will be stored in Jack Rabbit repository table DS_JCR_DATASTORE.

Currently we are facing an issue under which the report generated with the 
Frontend API is not accessible using open/Save mode with below error appended 
in the logs:

===========
2017-07-03 15:10:31,462 | ERROR | defaultWIMFileBasedRealm/advisor | | | 
WebContainer : 1 | c.o.r.s.ContentRepositoryService | retrieveReport: Exception 
from the uderlying repository
javax.jcr.PathNotFoundException: aaa/report/G7893420170703691287
=============

Based on the above error, we would like to perform analysis on whether the 
report generated exists or not with the repository table DS_JCR_DATASTORE, but 
we are restricted from performing the analysis due to below constraint:

The records generated and stored with DS_JCR_DATASTORE are in encrypted format

To do the analysis we need to map the relation between a session_id from the 
API against a record_id in repository table, therefore I request you to let us 
know the steps to decrypt the encrypted data in the table.

I've attached the logs & sample data from DS_JCR_DATASTORE for your reference.

Please let me know if you require any additional information.

Thanks & Regards,
Dilipkumar S

The information in this e-mail and any attachments is confidential and may be 
legally privileged. It is intended solely for the addressee or addressees. Any 
use or disclosure of the contents of this e-mail/attachments by a not intended 
recipient is unauthorized and may be unlawful. If you have received this e-mail 
in error please notify the sender. Please note that any views or opinions 
presented in this e-mail are solely those of the author and do not necessarily 
represent those of TEMENOS. We recommend that you check this e-mail and any 
attachments against viruses. TEMENOS accepts no liability for any damage caused 
by any malicious code or virus transmitted by this e-mail.

The information in this e-mail and any attachments is confidential and may be 
legally privileged. It is intended solely for the addressee or addressees. Any 
use or disclosure of the contents of this e-mail/attachments by a not intended 
recipient is unauthorized and may be unlawful. If you have received this e-mail 
in error please notify the sender. Please note that any views or opinions 
presented in this e-mail are solely those of the author and do not necessarily 
represent those of TEMENOS. We recommend that you check this e-mail and any 
attachments against viruses. TEMENOS accepts no liability for any damage caused 
by any malicious code or virus transmitted by this e-mail.

The information in this e-mail and any attachments is confidential and may be 
legally privileged. It is intended solely for the addressee or addressees. Any 
use or disclosure of the contents of this e-mail/attachments by a not intended 
recipient is unauthorized and may be unlawful. If you have received this e-mail 
in error please notify the sender. Please note that any views or opinions 
presented in this e-mail are solely those of the author and do not necessarily 
represent those of TEMENOS. We recommend that you check this e-mail and any 
attachments against viruses. TEMENOS accepts no liability for any damage caused 
by any malicious code or virus transmitted by this e-mail.