Return-Path: Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: (qmail 30296 invoked from network); 8 Mar 2006 18:41:05 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 8 Mar 2006 18:41:05 -0000 Received: (qmail 2999 invoked by uid 500); 8 Mar 2006 18:41:02 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 2948 invoked by uid 500); 8 Mar 2006 18:41:01 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 2937 invoked by uid 99); 8 Mar 2006 18:41:01 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 08 Mar 2006 10:41:01 -0800 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received: from [192.87.106.226] (HELO ajax) (192.87.106.226) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 08 Mar 2006 10:41:01 -0800 Received: from ajax (localhost.localdomain [127.0.0.1]) by ajax (Postfix) with ESMTP id 5BFF0D49F9 for ; Wed, 8 Mar 2006 18:40:40 +0000 (GMT) Message-ID: <305686569.1141843240274.JavaMail.jira@ajax> Date: Wed, 8 Mar 2006 18:40:40 +0000 (GMT) From: "Donald Woods (JIRA)" To: dev@geronimo.apache.org Subject: [jira] Created: (GERONIMO-1716) Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console ---------------------------------------------------------------------------- Key: GERONIMO-1716 URL: http://issues.apache.org/jira/browse/GERONIMO-1716 Project: Geronimo Type: Improvement Components: security Versions: 1.0, 1.1, 1.2 Environment: Any Reporter: Donald Woods Assigned to: Donald Woods Priority: Minor Fix For: 1.2 Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties. To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords. The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira