deltaspike-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r1013405 - in /websites/staging/deltaspike/trunk/content: ./ documentation/
Date Sat, 03 Jun 2017 13:07:20 GMT
Author: buildbot
Date: Sat Jun  3 13:07:20 2017
New Revision: 1013405

Log:
Staging update by buildbot for deltaspike

Added:
    websites/staging/deltaspike/trunk/content/documentation/encryption.html
Modified:
    websites/staging/deltaspike/trunk/content/   (props changed)
    websites/staging/deltaspike/trunk/content/documentation/build.html
    websites/staging/deltaspike/trunk/content/documentation/configuration.html
    websites/staging/deltaspike/trunk/content/documentation/configure.html
    websites/staging/deltaspike/trunk/content/documentation/core.html
    websites/staging/deltaspike/trunk/content/documentation/scheduler.html
    websites/staging/deltaspike/trunk/content/documentation/snapshots.html

Propchange: websites/staging/deltaspike/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Sat Jun  3 13:07:20 2017
@@ -1 +1 @@
-1794542
+1797499

Modified: websites/staging/deltaspike/trunk/content/documentation/build.html
==============================================================================
--- websites/staging/deltaspike/trunk/content/documentation/build.html (original)
+++ websites/staging/deltaspike/trunk/content/documentation/build.html Sat Jun  3 13:07:20
2017
@@ -277,7 +277,7 @@ table.CodeRay td.code>pre{padding:0}
 <p>The DeltaSpike source (modules and examples) is provided for inspection, contribution
and testing purposes. The source must be built with Maven, which has been used to automate
the compilation, testing and packaging processes. Arquillian tests are included with the source
and a CDI implementation or container can be specified with which to carry out the tests.</p>
 </div>
 <div class="paragraph">
-<p>In all cases, to obtain the DeltaSpike source, <a href="https://deltaspike.apache.org/download.html">download</a>
<code>deltaspike-project-1.7.2-source-release.zip</code> and extract the contents.</p>
+<p>In all cases, to obtain the DeltaSpike source, <a href="https://deltaspike.apache.org/download.html">download</a>
<code>deltaspike-project-1.8.0-source-release.zip</code> and extract the contents.</p>
 </div>
 <div class="admonitionblock note">
 <table>
@@ -301,7 +301,7 @@ You can also obtain the DeltaSpike sourc
 </div>
 <div class="listingblock">
 <div class="content">
-<pre class="CodeRay highlight"><code data-lang="shell">$ cd /path/to/deltaspike-project-1.7.2/
+<pre class="CodeRay highlight"><code data-lang="shell">$ cd /path/to/deltaspike-project-1.8.0/
 $ mvn clean install</code></pre>
 </div>
 </div>

Modified: websites/staging/deltaspike/trunk/content/documentation/configuration.html
==============================================================================
--- websites/staging/deltaspike/trunk/content/documentation/configuration.html (original)
+++ websites/staging/deltaspike/trunk/content/documentation/configuration.html Sat Jun  3
13:07:20 2017
@@ -1071,12 +1071,22 @@ log.</p>
 <div class="content">
 <pre class="CodeRay highlight"><code data-lang="java"><span class="directive">public</span>
<span class="type">class</span> <span class="class">DecryptingConfigFilter</span>
<span class="directive">implements</span> ConfigFilter
 {
+    <span class="directive">private</span> DefaultCipherService ciperSvc = <span
class="keyword">new</span> DefaultCipherService();
+    <span class="directive">private</span> <span class="predefined-type">String</span>
masterSalt = <span class="string"><span class="delimiter">&quot;</span><span
class="content">someApplicationMasterSalt</span><span class="delimiter">&quot;</span></span>;
+
     <span class="annotation">@Override</span>
     <span class="directive">public</span> <span class="predefined-type">String</span>
filterValue(<span class="predefined-type">String</span> key, <span class="predefined-type">String</span>
value)
     {
-        <span class="keyword">if</span> (key.contains(<span class="string"><span
class="delimiter">&quot;</span><span class="content">encrypted</span><span
class="delimiter">&quot;</span></span>))
+        <span class="keyword">if</span> (key.contains(<span class="string"><span
class="delimiter">&quot;</span><span class="content">password</span><span
class="delimiter">&quot;</span></span>))
         {
-            <span class="keyword">return</span> decrypt(value);
+            <span class="keyword">try</span>
+            {
+                <span class="keyword">return</span> cipherSvc.decrypt(value,
masterSalt);
+            }
+            <span class="keyword">catch</span> (<span class="exception">Exception</span>
e)
+            {
+                <span class="keyword">return</span> value;
+            }
         }
         <span class="keyword">return</span> value;
     }
@@ -1084,15 +1094,23 @@ log.</p>
     <span class="annotation">@Override</span>
     <span class="directive">public</span> <span class="predefined-type">String</span>
filterValueForLog(<span class="predefined-type">String</span> key, <span class="predefined-type">String</span>
value)
     {
-        <span class="keyword">return</span> <span class="string"><span
class="delimiter">&quot;</span><span class="content">&lt;value encrypted&gt;</span><span
class="delimiter">&quot;</span></span>;
+        <span class="keyword">if</span> (key.contains(<span class="string"><span
class="delimiter">&quot;</span><span class="content">password</span><span
class="delimiter">&quot;</span></span>))
+        {
+            <span class="keyword">return</span> <span class="string"><span
class="delimiter">&quot;</span><span class="content">***************</span><span
class="delimiter">&quot;</span></span>;
+        }
+
+        <span class="keyword">return</span> value;
     }
 }</code></pre>
 </div>
 </div>
 <div class="paragraph">
+<p>For more information about the <code>CipherService</code> please see
the <a href="encryption.html">Encryption</a> section.</p>
+</div>
+<div class="paragraph">
 <p>Since 1.8.0 you can also decorate a CDI <code>ConfigFilter</code> with
<code>@Filter</code> and it will
-be added to DeltaSpike configuration <strong>once the CDI container is started</strong>
(it means
-you can&#8217;t use this source in an <code>Extension</code>).</p>
+be added to DeltaSpike configuration <strong>once the CDI container is started</strong>
(Note that this means
+you can&#8217;t use this ConfigFilter in a CDI <code>Extension</code>).</p>
 </div>
 </div>
 </div>

Modified: websites/staging/deltaspike/trunk/content/documentation/configure.html
==============================================================================
--- websites/staging/deltaspike/trunk/content/documentation/configure.html (original)
+++ websites/staging/deltaspike/trunk/content/documentation/configure.html Sat Jun  3 13:07:20
2017
@@ -309,7 +309,7 @@ You can also opt to use the lastest Delt
 <div class="listingblock">
 <div class="content">
 <pre class="CodeRay highlight"><code data-lang="xml"><span class="tag">&lt;properties&gt;</span>
-    <span class="tag">&lt;deltaspike.version&gt;</span>1.7.2<span
class="tag">&lt;/deltaspike.version&gt;</span>
+    <span class="tag">&lt;deltaspike.version&gt;</span>1.8.0<span
class="tag">&lt;/deltaspike.version&gt;</span>
 <span class="tag">&lt;/properties&gt;</span></code></pre>
 </div>
 </div>
@@ -418,7 +418,7 @@ repositories {
 }
 dependencyManagement {
     imports {
-        mavenBom 'org.apache.deltaspike.distribution:distributions-bom:1.7.2'
+        mavenBom 'org.apache.deltaspike.distribution:distributions-bom:1.8.0'
     }
 }
 dependencies {

Modified: websites/staging/deltaspike/trunk/content/documentation/core.html
==============================================================================
--- websites/staging/deltaspike/trunk/content/documentation/core.html (original)
+++ websites/staging/deltaspike/trunk/content/documentation/core.html Sat Jun  3 13:07:20
2017
@@ -300,6 +300,14 @@ mechanisms. Configuration can be overrid
 <div class="paragraph">
 <p>Detailed documentation is available on a separate page: <a href="configuration.html">Configuration</a>.</p>
 </div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_deltaspike_cipherservice">DeltaSpike CipherService</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>Apache DeltaSpike also provides an <a href="encryption.html">Encryption</a>
mechanism for handling secret values within your application.</p>
+</div>
 <div class="sect2">
 <h3 id="_internal_configuration">Internal configuration</h3>
 <div class="paragraph">
@@ -1961,7 +1969,8 @@ objects, the last object in the array wi
                     <div class="fallback-toc">
                         <ul class="sectlevel1">
 <li><a href="#_project_setup">Project Setup</a></li>
-<li><a href="#_deltaspike_configuration">DeltaSpike Configuration</a>
+<li><a href="#_deltaspike_configuration">DeltaSpike Configuration</a></li>
+<li><a href="#_deltaspike_cipherservice">DeltaSpike CipherService</a>
 <ul class="sectlevel2">
 <li><a href="#_internal_configuration">Internal configuration</a></li>
 </ul>

Added: websites/staging/deltaspike/trunk/content/documentation/encryption.html
==============================================================================
--- websites/staging/deltaspike/trunk/content/documentation/encryption.html (added)
+++ websites/staging/deltaspike/trunk/content/documentation/encryption.html Sat Jun  3 13:07:20
2017
@@ -0,0 +1,446 @@
+<!DOCTYPE html>
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta name="description" content="deltaspike-generate-pages">
+    <meta name="author" content="chm">
+    <!-- No caching headers -->
+    <meta http-equiv="cache-control" content="no-cache"/>
+    <meta http-equiv="pragma" content="no-cache"/>
+    <meta http-equiv="expires" content="-1"/>
+
+    <title>DeltaSpike Crypto Mechanism</title>
+
+    <!--
+        Licensed to the Apache Software Foundation (ASF) under one
+        or more contributor license agreements.  See the NOTICE file
+        distributed with this work for additional information
+        regarding copyright ownership.  The ASF licenses this file
+        to you under the Apache License, Version 2.0 (the
+        "License"); you may not use this file except in compliance
+        with the License.  You may obtain a copy of the License at
+
+        http://www.apache.org/licenses/LICENSE-2.0
+
+        Unless required by applicable law or agreed to in writing,
+        software distributed under the License is distributed on an
+        "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+        KIND, either express or implied.  See the License for the
+        specific language governing permissions and limitations
+        under the License.
+    -->
+
+    <!-- Styles -->
+    <link href="https://deltaspike.apache.org/resources/css/bootstrap.css" rel="stylesheet">
+    <link href="https://deltaspike.apache.org/resources/css/bootstrap-responsive.css"
rel="stylesheet">
+    <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.1.0/css/font-awesome.min.css"
rel="stylesheet">
+
+    
+
+    
+        <!-- Tocify - nice dynamic autoscrolling TOC -->
+        <link href="https://cdnjs.cloudflare.com/ajax/libs/jquery.tocify/1.9.0/stylesheets/jquery.tocify.min.css"
rel="stylesheet">
+        <script src="https://code.jquery.com/jquery-1.11.3.min.js"></script>
+        <script src="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js"></script>
+        <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery.tocify/1.9.0/javascripts/jquery.tocify.min.js"></script>
+
+
+        <script type="text/javascript">
+            $(function () {
+                $("#toc").tocify({
+                    scrollTo: 50,
+                    extendPage: true,
+                    context: "#doc-content",
+                    selectors: "h2,h3,h4,h5"
+                });
+                $(".fallback-toc").hide();
+            });
+        </script>
+    
+
+    <style type="text/css">
+        /* Stylesheet for CodeRay to match GitHub theme | MIT License | http://foundation.zurb.com
*/
+/*pre.CodeRay {background-color:#f7f7f8;}*/
+.CodeRay .line-numbers{border-right:1px solid #d8d8d8;padding:0 0.5em 0 .25em}
+.CodeRay span.line-numbers{display:inline-block;margin-right:.5em;color:rgba(0,0,0,.3)}
+.CodeRay .line-numbers strong{font-weight: normal}
+table.CodeRay{border-collapse:separate;border-spacing:0;margin-bottom:0;border:0;background:none}
+table.CodeRay td{vertical-align: top}
+table.CodeRay td.line-numbers{text-align:right}
+table.CodeRay td.line-numbers>pre{padding:0;color:rgba(0,0,0,.3)}
+table.CodeRay td.code{padding:0 0 0 .5em}
+table.CodeRay td.code>pre{padding:0}
+.CodeRay .debug{color:#fff !important;background:#000080 !important}
+.CodeRay .annotation{color:#007}
+.CodeRay .attribute-name{color:#000080}
+.CodeRay .attribute-value{color:#700}
+.CodeRay .binary{color:#509}
+.CodeRay .comment{color:#998;font-style:italic}
+.CodeRay .char{color:#04d}
+.CodeRay .char .content{color:#04d}
+.CodeRay .char .delimiter{color:#039}
+.CodeRay .class{color:#458;font-weight:bold}
+.CodeRay .complex{color:#a08}
+.CodeRay .constant,.CodeRay .predefined-constant{color:#008080}
+.CodeRay .color{color:#099}
+.CodeRay .class-variable{color:#369}
+.CodeRay .decorator{color:#b0b}
+.CodeRay .definition{color:#099}
+.CodeRay .delimiter{color:#000}
+.CodeRay .doc{color:#970}
+.CodeRay .doctype{color:#34b}
+.CodeRay .doc-string{color:#d42}
+.CodeRay .escape{color:#666}
+.CodeRay .entity{color:#800}
+.CodeRay .error{color:#808}
+.CodeRay .exception{color:inherit}
+.CodeRay .filename{color:#099}
+.CodeRay .function{color:#900;font-weight:bold}
+.CodeRay .global-variable{color:#008080}
+.CodeRay .hex{color:#058}
+.CodeRay .integer,.CodeRay .float{color:#099}
+.CodeRay .include{color:#555}
+.CodeRay .inline{color:#00}
+.CodeRay .inline .inline{background:#ccc}
+.CodeRay .inline .inline .inline{background:#bbb}
+.CodeRay .inline .inline-delimiter{color:#d14}
+.CodeRay .inline-delimiter{color:#d14}
+.CodeRay .important{color:#555;font-weight:bold}
+.CodeRay .interpreted{color:#b2b}
+.CodeRay .instance-variable{color:#008080}
+.CodeRay .label{color:#970}
+.CodeRay .local-variable{color:#963}
+.CodeRay .octal{color:#40e}
+.CodeRay .predefined{color:#369}
+.CodeRay .preprocessor{color:#579}
+.CodeRay .pseudo-class{color:#555}
+.CodeRay .directive{font-weight:bold}
+.CodeRay .type{font-weight:bold}
+.CodeRay .predefined-type{color:inherit}
+.CodeRay .reserved,.CodeRay .keyword {color:#000;font-weight:bold}
+.CodeRay .key{color:#808}
+.CodeRay .key .delimiter{color:#606}
+.CodeRay .key .char{color:#80f}
+.CodeRay .value{color:#088}
+.CodeRay .regexp .delimiter{color:#808}
+.CodeRay .regexp .content{color:#808}
+.CodeRay .regexp .modifier{color:#808}
+.CodeRay .regexp .char{color:#d14}
+.CodeRay .regexp .function{color:#404;font-weight:bold}
+.CodeRay .string{color:#d20}
+.CodeRay .string .string .string{background:#ffd0d0}
+.CodeRay .string .content{color:#d14}
+.CodeRay .string .char{color:#d14}
+.CodeRay .string .delimiter{color:#d14}
+.CodeRay .shell{color:#d14}
+.CodeRay .shell .delimiter{color:#d14}
+.CodeRay .symbol{color:#990073}
+.CodeRay .symbol .content{color:#a60}
+.CodeRay .symbol .delimiter{color:#630}
+.CodeRay .tag{color:#008080}
+.CodeRay .tag-special{color:#d70}
+.CodeRay .variable{color:#036}
+.CodeRay .insert{background:#afa}
+.CodeRay .delete{background:#faa}
+.CodeRay .change{color:#aaf;background:#007}
+.CodeRay .head{color:#f8f;background:#505}
+.CodeRay .insert .insert{color:#080}
+.CodeRay .delete .delete{color:#800}
+.CodeRay .change .change{color:#66f}
+.CodeRay .head .head{color:#f4f}
+
+        body {
+            padding-top: 60px;
+            padding-bottom: 40px;
+        }
+
+        .toc-like {
+            border-radius: 6px;
+            border: 1px solid #ccc;
+        }
+
+        .toc-like li {
+            line-height: 30px;
+            text-indent: 10px;
+        }
+
+        .toc-like li.custom-toc-header {
+            font-weight: bold;
+            background: #666;
+            color: white;
+            cursor: initial !important;
+            padding: 5px;
+        }
+
+        .toc-like li.custom-toc-header a {
+            color: white;
+            font-style: normal;
+            text-shadow: none;
+            padding: 0;
+        }
+
+        .toc-like li.custom-toc-header:hover a {
+            background: #666;
+        }
+
+        .page-title {
+            text-align: left;
+        }
+
+        #doc-content h2,
+        #doc-content h3,
+        #doc-content h4,
+        #doc-content h5,
+        #doc-content h6 {
+            padding-top: 0;
+            margin-top: 25px;
+            margin-bottom: 10px;
+            line-height: 1.4em;
+        }
+
+        #doc-content h2 {
+            border-bottom: 1px solid lightgrey;
+        }
+
+
+    </style>
+
+    <script type="text/javascript">
+
+        var _gaq = _gaq || [];
+        _gaq.push(['_setAccount', 'UA-36103647-1']);
+        _gaq.push(['_trackPageview']);
+
+        (function () {
+            var ga = document.createElement('script');
+            ga.type = 'text/javascript';
+            ga.async = true;
+            ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www')
+ '.google-analytics.com/ga.js';
+            var s = document.getElementsByTagName('script')[0];
+            s.parentNode.insertBefore(ga, s);
+        })();
+
+    </script>
+</head>
+
+<body>
+
+<div class="navbar navbar-fixed-top">
+    <div class="navbar-inner">
+        <div class="container">
+            <a class="btn btn-navbar" data-toggle="collapse"
+               data-target=".nav-collapse"> <span class="icon-bar"></span>
<span
+            class="icon-bar"></span> <span class="icon-bar"></span>
+            </a>
+            <a class="brand logocolor" href="../index.html">Apache DeltaSpike</a>
+
+            <div class="nav-collapse">
+
+                
+                <ul class="nav">
+                    <li><a href="../index.html">Home</a></li>
+                    <li class="active"><a href="../documentation">Documentation</a></li>
+                    <li  ><a href="../javadoc.html">Javadoc</a></li>
+                    <li ><a href="../source.html">Source</a></li>
+                    <li ><a href="../download.html">Download</a></li>
+                    <li ><a href="../community.html">Community</a></li>
+                    <!-- <li><a href="./support.html">Support</a></li>
 -->
+                    <li ><a href="../news.html">News</a></li>
+                </ul>
+            </div>
+            <!--/.nav-collapse -->
+            <form id="search-form" action="https://www.google.com/search"
+                  method="get" class="navbar-search pull-right">
+                <input value="deltaspike.apache.org" name="sitesearch"
+                       type="hidden"> <input class="search-query" name="q"
+                                             id="query" type="text">
+            </form>
+        </div>
+    </div>
+</div>
+
+<div class="container">
+    <div class="row-fluid">
+
+        
+
+        <div class="span8">
+            <div class="page-title">
+                <h1>DeltaSpike Crypto Mechanism</h1>
+            </div>
+
+            <div id="doc-content">
+                <div class="sect1">
+<h2 id="_introduction">Introduction</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>Many applications still use plaintext to store sensitive information.
+This should be avoided to not loose sensible user information in case of a security breach.</p>
+</div>
+<div class="paragraph">
+<p>Apache DeltaSpike provides a mechanism to encrypt and decrypt secured information
to better guard such information.</p>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_the_algorithm">The Algorithm</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>DeltaSpike provides encryption based on a split secret approach.
+Many systems (like Maven, Jenkins) store the hash of a 'master password' in the users home
folder.
+This master hash is then used to encrypt/decrypt the actual passwords.
+If an attacker manages to get his hands on the content of the database then he still cannot
do much with the encrypted content stored therein.
+He would also need the content of the file containing the master password.</p>
+</div>
+<div class="paragraph">
+<p>DeltaSpike improves this mechanism by adding an additional secret (<code>masterSalt</code>)
which needs to be provided by the application.
+With this approach we add an additional obstacle for any attacker.
+The attacker would now not only need the file from the users home folder but also need to
debug and reconstruct the application.
+This approach additionally has the benefit to be able to store and use multiple different
master passwords at the same time.</p>
+</div>
+<div class="paragraph">
+<p>That means that DeltaSpike needs 3 different pieces</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>the encryted content. E.g. a password stored in some property file or in the database</p>
+</li>
+<li>
+<p>The <code>~/.deltaspike/master.hash</code> file containing the previously
set master password.</p>
+</li>
+<li>
+<p>the <code>masterSalt</code> provided by the application and while setting
the master password.</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>All that still does <strong>not</strong> create absolute security, mostly
because there is no such thing like <em>absolute</em> security!</p>
+</div>
+<div class="paragraph">
+<p>Each system which claims absolute security is to be taken with caution.</p>
+</div>
+<div class="paragraph">
+<p>But this handling will drastically improve the security of your application.
+See the section about the <code>masterSalt</code> for more tips to strengthten
security.</p>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_using_the_command_line_interface">Using the Command Line Interface</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>Apache DeltaSpike also contains CLI commands to store the <code>masterPassword</code>
and encrypt user values.</p>
+</div>
+<div class="paragraph">
+<p>The first step is to create a master hash.
+It is by default stored in the users home folder at <code>~/.deltaspike/master.hash</code>.
+For creating a master hash you need to use a <code>masterPassword</code> and
a <code>masterSalt</code></p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre class="CodeRay highlight"><code data-lang="bash">$&gt; java -jar deltaspike-core-impl.jar
encode -masterPassword myMasterPassword -masterSalt myMasterSalt
+A new master password got set. Hash key is cbd90f294dc4ed3d1113a98107fabbc370b303c4a5e3208c2df3e0326c31499c</code></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>You can now go on and encrypt your plaintext information:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre class="CodeRay highlight"><code data-lang="bash">$&gt; java -jar deltaspike-core-impl.jar
encode -plaintext textOneWantsToEncrypt -masterSalt myMasterSalt
+Encrypted value: 9d4196aa28d83a08b32752966aa5f4aa41c359fec847fdad3565241bb5e2df12</code></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>The encrypted value can then be stored in the databas, config files, etc.</p>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_the_masterpassword">The masterPassword</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>The masterPassword is used to protect the secret.
+Note that it&#8217;s not possible to reconstruct the masterPassword from the master.hash
file.</p>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_providing_a_mastersalt">Providing a masterSalt</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>The <code>masterSalt</code> is not used to encrypt the secrets but it
only protects the <code>masterPassword</code> in the <code>master.hash</code>
file.
+This means that the masterSalt could be either static or even change over time.</p>
+</div>
+<div class="paragraph">
+<p>The <code>masterSalt</code> could also be a combined local information.
+As an example we take the local IP address and the user name running the application.</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre class="CodeRay highlight"><code data-lang="java"><span class="predefined-type">String</span>
localInformation = <span class="predefined-type">InetAddress</span>.getLocalHost().getHostAddress()
+ <span class="predefined-type">System</span>.getProperty(<span class="string"><span
class="delimiter">&quot;</span><span class="content">user.name</span><span
class="delimiter">&quot;</span></span>);
+<span class="predefined-type">String</span> masterSalt = sha1(localInformation);</code></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>Note the usage of the hash.
+Otherwise it would be too obvious how the masterSalt gets constructed
+If this code is well hidden within the application code it is really hard for an attacker
to find out how it is determined.
+Otoh this hash can easily be constructed on the command line with classic unix tools like
<code>sha1sum</code></p>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="_programmatic_usage">Programmatic usage</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>A program could either inject a CipherService or create a new DefaultCipherService
to programmatically decrypt values.
+A usr could also provide a <code>ConfigFilter</code> to apply decryption on encrypted
configuration values on the fly</p>
+</div>
+</div>
+</div>
+            </div>
+        </div>
+
+        
+            <div class="span4">
+                <div id="toc">
+                    <div class="moduledeps">
+                        <ul class="toc-like nav nav-list">
+                            
+                            
+                            
+                        </ul>
+                    </div>
+                </div>
+                
+                    <div class="fallback-toc">
+                        <ul class="sectlevel1">
+<li><a href="#_introduction">Introduction</a></li>
+<li><a href="#_the_algorithm">The Algorithm</a></li>
+<li><a href="#_using_the_command_line_interface">Using the Command Line Interface</a></li>
+<li><a href="#_the_masterpassword">The masterPassword</a></li>
+<li><a href="#_providing_a_mastersalt">Providing a masterSalt</a></li>
+<li><a href="#_programmatic_usage">Programmatic usage</a></li>
+</ul>
+                    </div>
+                
+            </div>
+        
+
+    </div>
+    <div class="row">
+        <hr>
+        <footer>
+            <p>Copyright &copy; 2011-2016 The Apache Software Foundation,
+                Licensed under the Apache License, Version 2.0.</p>
+
+            <p>Apache and the Apache feather logo are trademarks of The Apache Software
Foundation.</p>
+        </footer>
+    </div>
+</div>
+
+</body>
+</html>
\ No newline at end of file

Modified: websites/staging/deltaspike/trunk/content/documentation/scheduler.html
==============================================================================
--- websites/staging/deltaspike/trunk/content/documentation/scheduler.html (original)
+++ websites/staging/deltaspike/trunk/content/documentation/scheduler.html Sat Jun  3 13:07:20
2017
@@ -609,7 +609,7 @@ Such an adapter just needs to implement
 <div class="sectionbody">
 <div class="paragraph">
 <p>It is possible to replace the default integration with Quartz. Any scheduler that
supports cron-expressions for job-classes can be used.
-For more information, see <a href="https://deltaspike.apache.org/javadoc/1.7.2/org/apache/deltaspike/scheduler/spi/Scheduler.html">Scheduler
javadoc</a>.</p>
+For more information, see <a href="https://deltaspike.apache.org/javadoc/1.8.0/org/apache/deltaspike/scheduler/spi/Scheduler.html">Scheduler
javadoc</a>.</p>
 </div>
 </div>
 </div>

Modified: websites/staging/deltaspike/trunk/content/documentation/snapshots.html
==============================================================================
--- websites/staging/deltaspike/trunk/content/documentation/snapshots.html (original)
+++ websites/staging/deltaspike/trunk/content/documentation/snapshots.html Sat Jun  3 13:07:20
2017
@@ -343,7 +343,7 @@ Snapshots provide previews of DeltaSpike
 <div class="listingblock">
 <div class="content">
 <pre class="CodeRay highlight"><code data-lang="xml"><span class="tag">&lt;properties&gt;</span>
-    <span class="tag">&lt;deltaspike.version&gt;</span>1.8.0-SNAPSHOT<span
class="tag">&lt;/deltaspike.version&gt;</span>
+    <span class="tag">&lt;deltaspike.version&gt;</span>1.8.1-SNAPSHOT<span
class="tag">&lt;/deltaspike.version&gt;</span>
 <span class="tag">&lt;/properties&gt;</span></code></pre>
 </div>
 </div>



Mime
View raw message