Using XML backup between different types of OS causing login issues


    • 10
    • Severity 3 - Minor
    • 1

      Issue Summary

      Using an XML backup for migration between different OS types (Windows/Linux) causes encryption/decryption issues due to the OS-dependent path separator used.

      Comparing the XML export of two similarly configured Crowds shows the difference in the XML file:

      • The export on Linux has this in the XML:
                <attribute>
                  <name>ldap.password</name>
                  <value>{AES_CBC_PKCS5Padding}{"keyFilePath":"KEY_DIR/javax.crypto.spec.SecretKeySpec_1634770500887","serializedSealedObject":"<encrypted_text>"}</value>
                </attribute>
        
      • The export on Windows has this in the XML:
                <attribute>
                  <name>ldap.password</name>
                  <value>{AES_CBC_PKCS5Padding}{"keyFilePath":"KEY_DIR\\javax.crypto.spec.SecretKeySpec_1649938958746","serializedSealedObject":"<encrypted_text>"}</value>
                </attribute>
        

      After importing the XML backup from different types of OS, users cannot log in due to this issue.

      This is reproducible on Data Center: yes

      Steps to Reproduce

      1. Generate an XML backup of the Crowd environment that is installed on a Windows server
      2. Import it to the Crowd environment that is installed on a Linux server
      3. Try to log in

      Expected Results

      Crowd can find the encryption/decryption file successfully and the user can log in to the system.

      Actual Results

      Crowd couldn't find the encryption/decryption file and the below exception is thrown in the atlassian-crowd.log file:

      YYY-MM-DD HH:MM:SS,XYZ http-nio-127.0.0.1-8095-exec-3 ERROR [ciphers.algorithm.serialization.SerializationFile] Couldn't read file needed for encryption/decryption. Tried to read file under: /var/lib/crowd/shared/keys\javax.crypto.spec.SecretKeySpec_XYZ
      java.io.FileNotFoundException: /var/lib/crowd/shared/keys\javax.crypto.spec.SecretKeySpec_XYZ (No such file or directory)
      

      Workaround

      Manually editing all occurrences of the keyFilePath values to match the destination environment's OS path solves the issue.
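
The same edit can be scripted instead of done by hand. The following is an added example, not Atlassian's code or part of the original report: it rewrites only the separator inside each keyFilePath value and leaves serializedSealedObject untouched. It assumes the export contains the JSON with literal double quotes, as in the excerpts above; the function name and the constructed sample are hypothetical.

```python
import json
import re

# The JSON string that follows "keyFilePath": inside an encrypted attribute value.
KEY_PATH_RE = re.compile(r'("keyFilePath"\s*:\s*)("(?:[^"\\]|\\.)*")')

# Constructed sample mirroring the Windows export excerpt from the report.
SAMPLE_WINDOWS_EXPORT = r'''<attribute>
  <name>ldap.password</name>
  <value>{AES_CBC_PKCS5Padding}{"keyFilePath":"KEY_DIR\\javax.crypto.spec.SecretKeySpec_1649938958746","serializedSealedObject":"<encrypted_text>"}</value>
</attribute>'''


def normalize_key_paths(xml_text, target_os):
    """Return (new_text, changed) with keyFilePath separators set for target_os."""
    if target_os not in ("linux", "windows"):
        raise ValueError("target_os must be 'linux' or 'windows'")
    sep, other = ("/", "\\") if target_os == "linux" else ("\\", "/")
    changed = 0

    def fix(match):
        nonlocal changed
        try:
            path = json.loads(match.group(2))  # decode JSON escapes: \\ -> \
        except json.JSONDecodeError:
            return match.group(0)              # not valid JSON: leave as found
        fixed = path.replace(other, sep)
        if fixed != path:
            changed += 1
        # Re-encode so a backslash is written back as \\ in the file.
        return match.group(1) + json.dumps(fixed, ensure_ascii=False)

    # Text-level substitution: everything outside keyFilePath is byte-for-byte kept.
    return KEY_PATH_RE.sub(fix, xml_text), changed


if __name__ == "__main__":
    converted, count = normalize_key_paths(SAMPLE_WINDOWS_EXPORT, "linux")
    print(f"rewrote {count} keyFilePath value(s)")
    print(converted)
```

Run it against a copy of the backup and compare the result with the original before importing, so the only differences are the keyFilePath separators.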

            Assignee:
            Unassigned
            Reporter:
            Basar Beykoz (Inactive)
            Votes:
            1
            Watchers:
            4
