felix-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Carsten Ziegeler <cziege...@apache.org>
Subject Re: Plaintext password in configuration files for Jetty and Webconsole
Date Sat, 23 Apr 2016 15:18:12 GMT
Antonio Sanso wrote
> hi,
> I would actually have the same question?
> Is there anything can be done here ? If not there is any plan to improve this?
> I might try to help out in this area providing a patch…
> Anyone :)?

Didn't we discuss some time back to have a crypt service and leave it up
to every component to use this service to decrypt configuration properties?

Automatic decryption e.g. in configuration admin is not really a good
idea, as this would mean everyone can get the configuration decrypted
and it's visible in the web console, in the status zip etc.

Carsten Ziegeler
Adobe Research Switzerland

To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org

View raw message