From: "Aaron Mulder"
Date: Sat, 15 Sep 2007 08:09:11 -0400
To: dev@geronimo.apache.org
Subject: Re: Obscuring passwords in new ways

Sounds nice!

Aaron

On 9/14/07, David Jencks wrote:
> Periodically users show up who want their passwords obscured in new
> ways that allow their systems to break by removing the key used to
> obscure them :-) (how's that for a biased view of the situation :-)
>
> They don't like SimpleEncryption because the key is hardcoded and
> thus the same for all geronimo instances.
>
> See GERONIMO-2925
>
> I've implemented something for this request that allows you to
> register "encryptors" with the EncryptionManager. By default you get
> the current SimpleEncryption which uses AES with a hardcoded key.
>
> There's also a ConfiguredEncryption gbean that will generate and save
> a key if not present or use a saved one.
>
> You can register any number of Encryption instances with
> EncryptionManager but only the first one you register will be used for
> encryption. Others might be used for decryption.
>
> If you try to encrypt a string that is already encrypted under a
> different registered Encryption instance it will decrypt using the
> old Encryption and re-encrypt using the registered Encryption. For
> instance the properties file login module used to use {Standard} as
> the prefix instead of {Simple} so I registered the SimpleEncryption
> instance under both prefixes: the property files are re-encrypted
> with the {Simple} prefix.
>
> If you want to use the ConfiguredEncryption you can add this to
> config.xml under rmi-naming module:
>
> <gbean name="ConfiguredEncryption"
>        gbeanInfo="org.apache.geronimo.system.util.ConfiguredEncryption">
>     <attribute name="path">var/security/ConfiguredSecretKey.ser</attribute>
>     <reference name="ServerInfo"><pattern><name>ServerInfo</name></pattern></reference>
> </gbean>
>
> I haven't tried this with app clients yet but I assume that adding
> this gbean to client would work.
>
> I'd appreciate review on this both for the idea of pluggable
> Encryption and even more for my use of crypto which I am definitely
> not an expert in.
>
> thanks
> david jencks
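The EncryptionManager behaviour David describes (first registered instance does all encrypting, any registered instance decrypts values carrying its prefix, a value under an older prefix is re-encrypted under the current one), as an added stand-alone example that is not Geronimo's code. Class and method names and the AES-256-GCM construction are assumptions; the thread does not say which AES mode Geronimo uses.

```ruby
require 'openssl'

# One AES key per instance: a fixed key plays SimpleEncryption, a generated one ConfiguredEncryption (assumed shape).
class AesEncryption
  def initialize(key = OpenSSL::Random.random_bytes(32))
    @key = key
  end
  def encrypt(plain)
    c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
    c.key = @key
    iv = c.random_iv # fresh 12-byte IV per call, so equal plaintexts do not give equal ciphertexts
    [iv + c.update(plain) + c.final + c.auth_tag].pack('m0') # iv || ciphertext || 16-byte tag, base64
  end

  def decrypt(enc)
    raw = enc.unpack1('m0')
    c = OpenSSL::Cipher.new('aes-256-gcm').decrypt
    c.key = @key
    c.iv = raw[0, 12]
    c.auth_tag = raw[-16..]
    c.update(raw[12...-16]) + c.final # raises OpenSSL::Cipher::CipherError on a wrong key or tampering
  end
end

# Registration order matters: the first Encryption does all encrypting, any registered one may decrypt.
class EncryptionManager
  def initialize
    @entries = [] # [prefix, encryption] pairs in registration order, e.g. ["{Simple}", simple]
  end
  def register(prefix, encryption)
    @entries << [prefix, encryption]
  end

  # A value under an older registered prefix is decrypted by that instance and re-encrypted under the
  # first-registered prefix (the {Standard} -> {Simple} migration); one already current is returned as is.
  def encrypt(value)
    prefix, enc = find(value)
    return value if prefix == @entries[0][0]
    value = enc.decrypt(value.delete_prefix(prefix)) if enc
    @entries[0][0] + @entries[0][1].encrypt(value)
  end

  def decrypt(value)
    prefix, enc = find(value)
    raise ArgumentError, 'no Encryption registered for this prefix' unless enc
    enc.decrypt(value.delete_prefix(prefix))
  end
  def find(value)
    @entries.find { |prefix, _| value.start_with?(prefix) } || [nil, nil]
  end
end
```

Registering the same AesEncryption instance under both "{Simple}" and "{Standard}", as David did, works the same way; the re-encryption path then only changes the prefix.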