TECHNICAL NOTE
The Fasoo Packager automatically encrypts or decrypts files when they are moved to or saved in a folder on a Windows
or Linux computer. It operates as a service and is usually installed on a file server or information system where files
needing Fasoo encryption, permission control, or decryption are handled. The Packager sets permissions according to an
FED-N document class or FED-R system code and can align these permissions with those in an information system or file
repository. It is a Java program that operates using XML configuration settings.
The Fasoo Packager only encrypts plain or unencrypted files. If an encrypted file is moved or copied into the packager
monitored folders, it will not change parameters of the existing file. The decryption process decrypts any Fasoo encrypted
file moved or copied into the monitored folders.
Java Development Kit (JDK)
Fasoo server components use Java, so the packager contains JDK 1.8. If using an existing installation of a JDK is
preferred, make appropriate adjustments to the packager.xml below to accommodate it.
Copy Packager Folder
Copy the Packager folder to [Install Drive]:\Fasoo\ or /opt/Fasoo/ on a file server or system where files needing Fasoo
encryption or decryption will be saved, copied, or moved. This could be a dedicated Packager server that handles
encryption or decryption for folders on other servers or a NAS. The table below lists the Packager folders and their
contents.
Folder/file | Description |
conf\folderlist.ini | Configuration file for packager |
| external-lib | Java libraries and packager components |
| fsdinit | Security certificates and associated configuration files (copy from C:\Fasoo\FXM\webapps\fast\WEB-INF\fasoo\fsdinit) |
| application.properties | Set packager properties (edit to meet requirement) |
| packager.exe | Packager executable to run as a service |
| packager.xml | Packager service configuration file |
| Packager_dec-x.x.x.jar | Packager application |
| zulu8 | JDK files |
Application Properties Configuration
Edit application.properties to change or set parameters as needed for the Packager process. The table below describes
each setting or parameter. Examples of settings are provided in the below table in red.
Password Obfuscation
Run OBFGen_UI.bat to generate an obfuscated password for the Packager service.
This is the value of NetworkUserPWD in the Folder Properties configuration file (folderlist.ini) shown in the next section.
Fasoo can supply an OBF generator if needed. An example of the output is OBF:1j2s1jui1m0x1kfx18xr1kch1lx91jr81iy2.
1. Navigate to the \Fasoo_Packager folder.
2. Run OBFGenUI.bat and a window will appear as shown below.
This icon appears on the taskbar
3. Enter the password and click Generate as shown below.
4. Copy the OBF Value to enter it as the NetworkUserPWD in the .\conf\folderlist.ini as shown below.
# user PWD the value should be encoded.
NetworkUserPWD=OBF:18jj18jj18jj18jj
5. Exit the OBF generator window and close the command prompt if it appears.
Folder Properties Configuration
Open conf\folderlist.ini to set parameters as needed for the Packager process. The default is to process all files in the
shared folder and subfolders. Paste the obfuscated password (derived from OBFGen_UI.bat) in NetworkUserPWD. The
table below describes each setting or parameter of the file.
Item | Description or Default Value |
StartTime | Start time of the service. Set to 00:00 to always run. |
EndTime | Stop time of the service. Set to 00:00 to always run. |
FasooHome | Location of fsdinit folder. Default is \\Fasoo_Packager\\fsdinit. |
DomainCode | FED DOMAINCODE or name of license file |
PackagerType | Set to ALL |
PackMode | ENCRYPT: encrypt files DECRYPT: decrypt files |
EncType | FSN: create FED-N files FSD: create FED-R file |
MountDriveLetter | Drive letter to mount target path |
TargetMountDrive | UNC path to a shared folder. Use \\ as a delimiter between folder names. |
NetworkUserID | User ID to access shared folder |
NetworkUserPWD | Obfuscated password for user ID. Run OBF generator to generate. |
ThreadCount | Threads to encrypt or decrypt. Number should match folders. |
KeepContentMethod | ORIGINAL: keep copy of plain file before encrypting ENCRYPTED: keep copy of encrypted file in local storage to process files NONE: do not keep files in local storage |
DeleteTempFile | YES: delete temp files used during processing NO: do not delete temp files used during processing |
DelayMethod | FILE: wait the DelayTime between processing each file in the target path FOLDER: wait the DelayTime to process each folder in the target path NONE: do not wait between processing files |
DelayTime | The delay time in seconds before processing the next file or folder |
LocalStorage | Location of local storage for packager file processing |
Foldern | Folder name(s) to process under target shared folder if not encrypting or decrypting files in all folders. User Folder1, Folder2, etc. for multiple subfolders. Set Folder1=. if processing all subfolders in target. |
TmpFolder | Location of local storage for packager file processing of temp files |
ETC1 | System ID in FED console set during creation of FED-R document |
ETC2 | System or business identifier specified during creation of FED-R document |
ETC3 | File identifier specified during creation of FED-R document |
ETC4 | Optional value to set user permissions during creation of FED-R document |
ETC5 | Optional value to set user permissions during creation of FED-R document |
USERID | Set to admin for FED-N files |
USERNAME | Set to Administrator for FED-N files |
DEPTID | Set to COMPANY for FED-N files |
DEPTNAME | Set to company name defined in the organization root in the FED console |
DocumentClass | Set to FDC_CODE value in FPS_DOCUMENT_CLASS table from FED database that corresponds to required document class. Ask Fasoo for assistance. |
ACTIVETHREAD | Active threads for packager |
Concurrent | Concurrent threads for packager. Set to one less than ACTIVETHREAD. |
NotUseLocalStorage | Set to FALSE |
UseExtList | 0: process all file extensions 1: process extensions in TargetExtensions |
TargetExtensions | Target file extensions to process if UseExtList set to 1 |
Below is an example of the settings to encrypt all files in a target folder and its subfolders. The folderlist.ini is commented to assist with setting or changing parameters.
folderlist.ini parameters |
StartTime=00:00 EndTime=00:00 FasooHome=D:\\Fasoo_Packager\\Fasoo_Packager_Encrypt\\fsdinit DomainCode=0100000000004019 PackagerType=ALL PackMode=ENCRYPT EncType=FSN MountDriveLetter=M TargetMountDrive=\\\\server.fasoo.com\\drives\\Fasoo\\Encrypt NetworkUserID=sc-FasEncryptDecrypt NetworkUserPWD=OBF:1ugu17js1snt1di81dge1spx17k61ugw ThreadCount=2 KeepContentMethod=NONE DeleteTempFile=YES DelayMethod=FILE DelayTime=5 LocalStorage=D:\\Exception\\LocalStorage Folder1=. #Folder2= #Folder3= TmpFolder=D:\\Exception\\LocalStorage #FSD parameter ETC1=SYSTEMID ETC2=ACLID ETC3=FILEID ETC4=ETC4 ETC5=etc5 #FSN parameter USERID=admin USERNAME=Administrator DEPTID=COMPANY DEPTNAME=Fasoo DocumentClass=2bba423730f442e1a9db07c812542290 ACTIVETHREAD=6 Concurrent=5 NotUseLocalStorage=FALSE UseExtList=0 TargetExtensions=docx|doc|pptx|ppt|xlsx|xls|xlsm|png|pdf |
Create Encrypt Packager Service on Windows
To encrypt files, register the packager service to encrypt files. When the service is started, it will encrypt all files in the target folder(s) and subfolders.
- Edit [Install Drive]:\Fasoo\Fasoo_Packager\packager.xml to change items in red as shown below.
Item | Description |
APP_HOME | The root folder of the Packager |
JAVA_HOME | The location of the JDK installation |
packager.xml parameters | |
<service> <id>Fasoo.Packager.Encrypt</id> <name>Fasoo Packager Encrypt</name> <description>Fasoo Packager Encrypt Service</description> <env name="APP_HOME" value="C:\Fasoo\Fasoo_Packager_Encrypt"/> <env name="JAVA_HOME" value="%APP_HOME%\zulu8"/> <env name="PATH" value=" %PATH%;%APP_HOME%\external-lib;"/> <executable>%JAVA_HOME%\bin\java</executable> <arguments>-jar "%APP_HOME%\ Packager_ND-2.1.1.jar"</arguments> <logmode>rotate</logmode> <!--onfailure action="restart" delay="1 min"/--> <stopparentprocessfirst>true</stopparentprocessfirst> </service> | |
2. Open a command prompt or PowerShell as administrator and go to the
[Install Drive]:\Fasoo\Fasoo_Packager_Encrypt folder.
3. Enter packager.exe install to register the Packager service.
4. Open the Services application and verify the service created in step 3 appears.
5. Start the service and verify it starts.
6. If the service does not start, review Event Viewer and log files for errors.
7. If parameters in packager.xml are changed, run packager.exe uninstall from a command prompt or PowerShell to
remove the service, and repeat steps 3 and 4 to register the Packager service.
Test the Packager
Test the packager to verify it properly encrypts a file.
- Copy a txt, PDF or Microsoft Office (docx, pptx, xlsx) document into one of the target folder(s) defined in the folderlist.ini file.
- Verify the document in the target folder(s) is encrypted and appropriate permissions are assigned by opening the file with a Fasoo DRM client and verifying permissions.
- The file can also be opened with a text editor to verify the document is encrypted.
> DRMONE This document is encrypted and protected by Fasoo DRM is displayed in the header of the text file if the document is encrypted.
Create Decrypt Packager Service on Windows
To decrypt Fasoo protected (encrypted) files, modify the folderlist.ini and change the parameters to decrypt rather than encrypt. Register the packager service to decrypt files. When the service is started, it will decrypt all the files in the target folder(s) and subfolders.
1. Edit [Install Drive]:\Fasoo\Fasoo_Packager\packager.xml to change items in red as shown below.
Item | Description |
APP_HOME | The root folder of the Packager |
JAVA_HOME | The location of the JDK installation |
packager.xml parameters | |
<service> <id>Fasoo.Packager.Decrypt</id> <name>Fasoo Packager Decrypt</name> <description>Fasoo Packager Decrypt Service</description> <env name="APP_HOME" value="C:\Fasoo\Fasoo_Packager_Decrypt"/> <env name="JAVA_HOME" value="%APP_HOME%\zulu8"/> <env name="PATH" value=" %PATH%;%APP_HOME%\external-lib;"/> <executable>%JAVA_HOME%\bin\java</executable> <arguments>-jar "%APP_HOME%\ Packager_ND-2.1.1.jar"</arguments> <logmode>rotate</logmode> <!--onfailure action="restart" delay="1 min"/--> <stopparentprocessfirst>true</stopparentprocessfirst> </service> | |
2. Open a command prompt or PowerShell as administrator and go to the
[Install Drive]:\Fasoo\Fasoo_Packager_Encrypt folder.
3. Enter packager.exe install to register the Packager service.
4. Open the Services application and verify the service created in step 3 appears.
5. Start the service and verify it starts.
6. If the service does not start, review Event Viewer and log files for errors.
7. If parameters in packager.xml are changed, run packager.exe uninstall from a command prompt or PowerShell to
remove the service, and repeat steps 3 and 4 to register the Packager service.
Test the Packager
Test the packager to verify it properly decrypts a file.
1. Copy a Fasoo protected (encrypted) txt, PDF or Microsoft Office (docx, pptx, xlsx) document into the target folder(s) defined in the
folderlist.ini file.
2. Verify the document in the target folder(s) decrypted.
Remove Packager Service on Windows
1. Open a command prompt or PowerShell as administrator and go to the appropriate
[Install Drive]:\Fasoo\Fasoo_Packager folder.
2. Enter packager.exe stop to stop the Packager service.
3. Enter packager.exe uninstall to remove the Packager service.
4. Open the Services application and verify the service does not appear.