Copy link to clipboard
Copied
I have to update the connection string property in about 200 datasources in CF admin on mutiple servers. I'm looking for an easier wasy to do this instead of editing each datasource, perhaps editing a file or something. Does anyone have any suggestions on how to do that?
Yes, you could.. And note that the json file does NOT have unencrypted passwords. It holds what the neo-datasource.xml file holds for the same passwords: they ARE encrypted, by cf.
The issue (as I discuss in the talk and is discussed in the cf docs) is that the json file ALSO includes the encryption KEY. As such, someone who has the json file can import that into ANY cf instance (as that instance would use that key to decrypt it, then it would be encrypted by the key in the instance, to be sav
...Copy link to clipboard
Copied
There are at least a couple of options. You haven't said what cf version you're running. Cf2021 added a command line cfsetup tool that allows editing such admin settings. (See the docs on that, or a talk on did a few weeks ago, at carehart.org/presentations.)
Or you can also directly edit the neo-datasource.xml file, in the cfusion/lib folder,.if a global find/replace might work. (Be sure to save a copy of the file before editing it.) Then restart cf for the change to take effect.
Copy link to clipboard
Copied
Thank you for suggesting both options. I'm using CF2021.
I watched your presentation Using Adobe's CFSetup tool to manage CF Admin settings for ANY CF version, C. Arehart--CFMeetup #299 and its super helpful on this subject! I'm especially interested in utilizing this tool and export/import with CF in Docker so I'll be watching your other presentations.
Lets say I export datasources in json file. Can I edit this json file (No setup passphrase) and update the keySetting called args (connection string in CFadmin GUI) setting, save it, then re-import the file? I think I would delete the json file since its not encrypted as suggested. I would like to explore this tool before editing the neo file.
Copy link to clipboard
Copied
Yes, you could.. And note that the json file does NOT have unencrypted passwords. It holds what the neo-datasource.xml file holds for the same passwords: they ARE encrypted, by cf.
The issue (as I discuss in the talk and is discussed in the cf docs) is that the json file ALSO includes the encryption KEY. As such, someone who has the json file can import that into ANY cf instance (as that instance would use that key to decrypt it, then it would be encrypted by the key in the instance, to be saved in its neo-datasource.xml file) .
And so that's why the cfsetup export offers an option to also choose a passkey, which encrypts that encrypted password in the file. 🙂 Then one can only import the json IF they provide that passkey.
Honestly, if a global find/replace on the neo-datasource.xml file can be done (to change what you need--and ONLY what you need), that would be one step rather than a few. 🙂
Either way, let us know how it goes.