felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Carsten Ziegeler (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FELIX-4599) Support Encryption Of Configuration Properties
Date Fri, 13 Feb 2015 07:09:12 GMT

    [ https://issues.apache.org/jira/browse/FELIX-4599?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14319678#comment-14319678

Carsten Ziegeler commented on FELIX-4599:

Right, one way would be to mark these properties with metatype info (using the PASSWORD type)
and we could handle that accordingly. However, this fails short if the metatype info is not
present when the dump is created.

>From this I deduct two requirements:
- sensitive information should not be put in plain text to disk
- sensitive information should not be visible to any user in plain text (web console, JMX

With the second requirement, this means the config property itself needs to be encrypted and
at least the decryption needs to be handled within the component using it - or in other words,
forget my idea from yesterday :) But it's important that we agree on the requirements first.

> Support Encryption Of Configuration Properties
> ----------------------------------------------
>                 Key: FELIX-4599
>                 URL: https://issues.apache.org/jira/browse/FELIX-4599
>             Project: Felix
>          Issue Type: New Feature
>          Components: Configuration Admin
>            Reporter: Dominique Jäggi
> Currently it is not possible to define configuration properties, the contents of which
should be automatically encrypted upon save by the configuration admin.
> An example would be a mail server configuration, where SMTP credentials must specified
and the password should be encrypted upon saving the configuration. The encrypted password
should then be accessible and decryptable in the component to which the configuration is bound.

This message was sent by Atlassian JIRA

View raw message