felix-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From peter.kri...@aqute.biz
Subject Re: Plaintext password in configuration files for Jetty and Webconsole
Date Sat, 23 Apr 2016 16:12:24 GMT
You could adjust cm to recognize a macro and expand that macro to something local like a file,
a system property, or an environment variable.

That is how I solved it in the Configurer. Works very well on Travis that allows you to configure
with encrypted data that is decrypted as environment variables.

Peter Kriens

Sent from my iPhone

> On Apr 23, 2016, at 11:18 AM, Carsten Ziegeler <cziegeler@apache.org> wrote:
> 
> Antonio Sanso wrote
>> hi,
>> 
>> I would actually have the same question?
>> 
>> Is there anything can be done here ? If not there is any plan to improve this?
>> I might try to help out in this area providing a patch…
>> 
>> Anyone :)?
> 
> Didn't we discuss some time back to have a crypt service and leave it up
> to every component to use this service to decrypt configuration properties?
> 
> Automatic decryption e.g. in configuration admin is not really a good
> idea, as this would mean everyone can get the configuration decrypted
> and it's visible in the web console, in the status zip etc.
> 
> Regards
> Carsten
> -- 
> Carsten Ziegeler
> Adobe Research Switzerland
> cziegeler@apache.org
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
> For additional commands, e-mail: users-help@felix.apache.org
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org


Mime
View raw message