commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oliver Heger (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CONFIGURATION-565) Add a getEncryptedString method in the Configuration interface
Date Mon, 03 Feb 2014 20:21:06 GMT

    [ https://issues.apache.org/jira/browse/CONFIGURATION-565?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13889867#comment-13889867
] 

Oliver Heger commented on CONFIGURATION-565:
--------------------------------------------

Sounds like a good idea in principle.

However, rather than using a hard-coded implementation for decrypting values, I would suggest
defining an interface which does the task and can be passed to the {{getEncodedString()}}
method. Then an application is free to use encoding logic whatever it wants. Also, this would
probably free us from the burden of documenting the crypto code we use. (Code using cryptographic
algorithms is subject to US export restrictions.)

> Add a getEncryptedString method in the Configuration interface
> --------------------------------------------------------------
>
>                 Key: CONFIGURATION-565
>                 URL: https://issues.apache.org/jira/browse/CONFIGURATION-565
>             Project: Commons Configuration
>          Issue Type: New Feature
>          Components: Expression engine
>    Affects Versions: 2.x
>            Reporter: Petar Tahchiev
>
> Hi guys,
> it would be really awesome if the {{Configuration}} could be created with a passphrase
(another constructor which accepts a string, let's say 'mypassphrase') and then you also add
a method in the interface (let's say getEncodedString('database.password')) so we could have
encoded properties in our properties files. Internally the method just needs to delegate to
jasypt's  {{StandardPBEStringEncryptor}} for instance
> {code}
>  StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
>             encryptor.setPassword("mypassphrase");
> encryptor.decrypt("database.password");
> {code}
> decrypt the value and then return the decrypted value. This will allow for more secure
property files.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message