Generate Security Key File Button

1. version

2. Function introduction

All the variable configuration information of the report is stored in the configuration database. The trial product uses the built-in HSQL database. The location is: %FR_HOME%\webapps\webroot\WEB-INF\embed\finedb. The official environment can be migrated outside In the configured database, a db.properties file is generated under /WEB-INF/config, which records the address, user name, and password of the configuration database.

It mainly acts in two aspects:

• Encryption and decryption of the database password in the db.properties file after migration

• Encryption and decryption of data connection password, email password, Fanruan pass password, etc. (not including platform user password)

In order to enhance the security of the key, the logic of the root key is now optimized.

FineReport Designer Install, check the "Generate Security Key File" button. After selection, 3 seed files will be randomly generated. The seed files are read when the project is started, and a constant public and private key is generated in the memory according to the seed. Seed file.

If the user has higher security requirements, you can check this button. As shown below:

Note 1: In the Windows environment, when the FineReport Designer is installed to C:\Program Files without writing permission, to generate a security key, right-click the installation package and select Run as administrator.

Note 2: For the method of configuring an external database, please refer to: Configuring an external database

Precautions:

• Encrypt if there is a new seed file, use the new key to encrypt

• Decrypt if there is a new seed file, use the new key to decrypt, if the decryption fails, then go to the old key to decrypt

• There is no impact on customers who upgrade the JAR package. As long as you don't manually put the seed file, you still use the old key to encrypt and decrypt

• The newly installed exe on 2020-04-26 and later uses the key generated by the seed file to encrypt the password, so the JAR package cannot be returned. After the return, there is only the old root key, and the password cannot be decrypted.