geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Mulder (JIRA)" <...@geronimo.apache.org>
Subject [jira] Created: (GERONIMO-411) Add Hash Password Rewrite to File Realm
Date Mon, 01 Nov 2004 16:33:32 GMT
Add Hash Password Rewrite to File Realm
---------------------------------------

         Key: GERONIMO-411
         URL: http://nagoya.apache.org/jira/browse/GERONIMO-411
     Project: Apache Geronimo
        Type: Improvement
  Components: security  
    Versions: 1.0-M2    
    Reporter: Aaron Mulder
    Priority: Minor


It would be nice if the properties file realm could rewrite your properties file with hashed
passwords when it reads it.  We would need to be able to recognize hashed vs. unhashed entries
and perhaps even different algorithms.  Perhaps it could go like this:

user1=plaintext
user2=MD5{...}
user3=SHA1{...}

Anyway, the idea is that this could be a reasonably secure alternative, but you still wouldn't
need to manually hash things to add or update entries -- just put a plain text entry in and
the next time the server reads the file it would hash it for you.

I guess we'd need to synchronize on the hash operation to avoid threading problems if multiple
apps or whatever use the same properties file, but it shouldn't be bad if we only rewrite
the file if we find any plain text entries.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://nagoya.apache.org/jira/secure/Administrators.jspa
-
If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira


Mime
View raw message