geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Donald Woods (JIRA)" <...@geronimo.apache.org>
Subject [jira] Updated: (GERONIMO-1716) Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
Date Fri, 10 Mar 2006 02:51:39 GMT
     [ http://issues.apache.org/jira/browse/GERONIMO-1716?page=all ]

Donald Woods updated GERONIMO-1716:
-----------------------------------

    Attachment: Geronimo-1716.patch

New/updated passwords through the console will get encrypted when saved, using the SimpleEncryption
class as the deployer tool uses.
Hand edits to the users.properties file will get encrypted the next time the server is started
by the Console provided PropertiesLoginModuleManager GBean.


> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
>          Key: GERONIMO-1716
>          URL: http://issues.apache.org/jira/browse/GERONIMO-1716
>      Project: Geronimo
>         Type: Improvement
>   Components: security
>     Versions: 1.0, 1.1, 1.2
>  Environment: Any
>     Reporter: Donald Woods
>     Assignee: Donald Woods
>     Priority: Minor
>      Fix For: 1.2
>  Attachments: Geronimo-1716.patch
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords
in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption
utility class, just like the deployer, to read/write passwords that have the {Simple} key
in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite
the users.properties file if it detects unencrypted passwords, which will allow users to manually
edit the file to update a password and then have it automatically encrypted when the next
login event occurs.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message