geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chi Runhua (JIRA)" <>
Subject [jira] Assigned: (GERONIMO-4176) Documentation - Security - pluggable encryption system/custom keys
Date Mon, 17 May 2010 02:22:41 GMT


Chi Runhua reassigned GERONIMO-4176:

    Assignee: Chi Runhua  (was: Hernan Cunico)

> Documentation - Security - pluggable encryption system/custom keys
> ------------------------------------------------------------------
>                 Key: GERONIMO-4176
>                 URL:
>             Project: Geronimo
>          Issue Type: Task
>      Security Level: public(Regular issues) 
>          Components: documentation
>    Affects Versions: 2.1.x
>            Reporter: Hernan Cunico
>            Assignee: Chi Runhua
> Provide documentation for the pluggable encryption system for passwords. This feature
has been available since [GERONIMO-2925] but never documented.
> <snip>
> If you want to have a fixed key generated by geronimo you can add this gbean to the rmi-naming
module in config.xml:
> <gbean name="org.apache.geronimo.configs/rmi-naming/2.1-SNAPSHOT/car?name=ConfiguredEncryption,j2eeType=GBean"
> <attribute name="path">var/security/ConfiguredSecretKey.ser</attribute>
> <reference name="ServerInfo"><pattern><name>ServerInfo</name></pattern></reference>
> </gbean>
> This will create a key the first time its started, after that it will keep using the
saved key at the location specified. If you put a serialized SecretKeySpec there it will use
it instead.
> Of course using something like this leaves your system open to the key file changing
or disappearing and losing all the saved password info.
> </snip>

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message