I’m using Openfire 4.6.0 and it seems like property encryption via security.xml is not working. My security.xml looks like:
<security>
<encrypt>...</encrypt>
<ldap><adminPassword>secret</adminPassword></ldap>
</security>
I see ‘ldap.adminPassword’ in the ofProperty table but it’s unencrypted.
I traced the issue down to this line of code: https://github.com/igniterealtime/Openfire/blob/master/xmppserver/src/main/java/org/jivesoftware/util/XMLProperties.java#L692
The database property seems to be decrypted when the XML property is removed from security.xml.
I tested removing that line and it resolved the issue. I haven’t tested or checked if this change affects anything else though. I can post a PR if it helps.
Let me know if there are any questions.
Thanks,
Victor