Return-Path: X-Original-To: apmail-felix-users-archive@minotaur.apache.org Delivered-To: apmail-felix-users-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 4A4E019A29 for ; Sat, 23 Apr 2016 16:12:34 +0000 (UTC) Received: (qmail 9220 invoked by uid 500); 23 Apr 2016 16:12:33 -0000 Delivered-To: apmail-felix-users-archive@felix.apache.org Received: (qmail 9151 invoked by uid 500); 23 Apr 2016 16:12:33 -0000 Mailing-List: contact users-help@felix.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@felix.apache.org Delivered-To: mailing list users@felix.apache.org Received: (qmail 9139 invoked by uid 99); 23 Apr 2016 16:12:33 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 23 Apr 2016 16:12:33 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id CE938C0FE3 for ; Sat, 23 Apr 2016 16:12:32 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 0.03 X-Spam-Level: X-Spam-Status: No, score=0.03 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, KAM_INFOUSMEBIZ=0.75, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01] autolearn=disabled Authentication-Results: spamd1-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=aqute-biz.20150623.gappssmtp.com Received: from mx2-lw-us.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id jLZkKEaYlyvt for ; Sat, 23 Apr 2016 16:12:32 +0000 (UTC) Received: from mail-qk0-f169.google.com (mail-qk0-f169.google.com [209.85.220.169]) by mx2-lw-us.apache.org (ASF Mail Server at mx2-lw-us.apache.org) with ESMTPS id AAD115F59E for ; Sat, 23 Apr 2016 16:12:31 +0000 (UTC) Received: by mail-qk0-f169.google.com with SMTP id q76so35200368qke.2 for ; Sat, 23 Apr 2016 09:12:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aqute-biz.20150623.gappssmtp.com; s=20150623; h=from:content-transfer-encoding:mime-version:subject:message-id:date :references:in-reply-to:to; bh=QgNnuBhFnEdb0OgDKPY1STyMqvimuWctiQZCD8zgrbI=; b=LkpuX3x+pwWZV7uJ05Tho18znPeIJ/mZNNYBoqAFy92c6T4FCa4ID/aFUYCT8FLv+x 2y4jRW6CYxvHHVR/Dm2TyhW4grysK3RjAEi2+YiXZ4pE74UcTZ/BzNWXi7nxcEt7zEkI brV3riREAvhZa6viXDfPCAaIWFqe1Ac+DApXqpXoZda81dIrwn0WWRCydnXk01Iyv5As Kavz5Yxa8udsKEJz2LNdeFIPSaXOkPzZpjsGgKmQfXxYPeNe/VI5I2aXKtkajGgl+q1n A+l3hDrQCbLTX4zXq+HKnD1kIqPJ1Lgs6jZKhO/T83wiMu2UYQFxOE+kFQrvNhFcyw4A qU8A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:message-id:date:references:in-reply-to:to; bh=QgNnuBhFnEdb0OgDKPY1STyMqvimuWctiQZCD8zgrbI=; b=YhX6WoxUtzngwonp0VnssjabJu+VsEFGcyGELz3jOudZuiIoKwGk1Pwcdw8R6FjJBN 0g8SVp3sNBCDDOjiTjVQFmne9e2djk+5YZHLVWNrOyTW0IGqJ4+jbKlWhYdfac7pNw7l JvpFRM/A0Vq49bJXrTYrJn2GGshvtj+wUYX/BiAIm5HhYNM9Vf7FCHkrEaWBUyKqTyt3 Vd6L9ywuLACkfXjvmi6oUMUGi+3TQqm9aHDiKg9B9DeDpVx0psuyAVA06Ud4uWOHyBho j++zzlqBGRUOOyjG8LOgzpddFfIqnX+I4W2ZW5VWZHk26/0OIY8qjOPeUv8sTOF6U2Ux Lwvg== X-Gm-Message-State: AOPr4FWNrty40ldR2z5itdmeNT9Rz6fQW5Yjc7Ffqxl2eIKI56zjJl6oQZBFZJ995hT/Cw== X-Received: by 10.55.82.6 with SMTP id g6mr30756129qkb.40.1461427945607; Sat, 23 Apr 2016 09:12:25 -0700 (PDT) Received: from [10.0.1.16] (cpe-184-153-27-211.nyc.res.rr.com. [184.153.27.211]) by smtp.gmail.com with ESMTPSA id 64sm4342883qhf.40.2016.04.23.09.12.24 for (version=TLSv1/SSLv3 cipher=OTHER); Sat, 23 Apr 2016 09:12:24 -0700 (PDT) From: peter.kriens@aqute.biz Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (1.0) Subject: Re: Plaintext password in configuration files for Jetty and Webconsole Message-Id: Date: Sat, 23 Apr 2016 12:12:24 -0400 References: <57179B34.7090100@hupie.com> <4DBDB53F-D2D5-489D-8118-DEC54D92ED47@adobe.com> <571B9234.5020800@apache.org> In-Reply-To: <571B9234.5020800@apache.org> To: users@felix.apache.org X-Mailer: iPhone Mail (13E238) You could adjust cm to recognize a macro and expand that macro to something l= ocal like a file, a system property, or an environment variable. That is how I solved it in the Configurer. Works very well on Travis that al= lows you to configure with encrypted data that is decrypted as environment v= ariables. Peter Kriens Sent from my iPhone > On Apr 23, 2016, at 11:18 AM, Carsten Ziegeler wrot= e: >=20 > Antonio Sanso wrote >> hi, >>=20 >> I would actually have the same question? >>=20 >> Is there anything can be done here ? If not there is any plan to improve t= his? >> I might try to help out in this area providing a patch=E2=80=A6 >>=20 >> Anyone :)? >=20 > Didn't we discuss some time back to have a crypt service and leave it up > to every component to use this service to decrypt configuration properties= ? >=20 > Automatic decryption e.g. in configuration admin is not really a good > idea, as this would mean everyone can get the configuration decrypted > and it's visible in the web console, in the status zip etc. >=20 > Regards > Carsten > --=20 > Carsten Ziegeler > Adobe Research Switzerland > cziegeler@apache.org >=20 > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@felix.apache.org > For additional commands, e-mail: users-help@felix.apache.org >=20 --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@felix.apache.org For additional commands, e-mail: users-help@felix.apache.org