geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chi Runhua (JIRA)" <j...@apache.org>
Subject [jira] Resolved: (GERONIMO-4176) Documentation - Security - pluggable encryption system/custom keys
Date Mon, 17 May 2010 02:42:43 GMT

     [ https://issues.apache.org/jira/browse/GERONIMO-4176?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Chi Runhua resolved GERONIMO-4176.
----------------------------------

    Fix Version/s: 3.0
                   2.2
                   2.1.5
       Resolution: Fixed

Doc updated accordingly for G2.1/2.2/3.0 space.


https://cwiki.apache.org/GMOxDOC21/basic-hints-on-security-configuration.html
https://cwiki.apache.org/GMOxDOC22/basic-hints-on-security-configuration.html
https://cwiki.apache.org/GMOxDOC30/basic-hints-on-security-configuration.html

> Documentation - Security - pluggable encryption system/custom keys
> ------------------------------------------------------------------
>
>                 Key: GERONIMO-4176
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4176
>             Project: Geronimo
>          Issue Type: Task
>      Security Level: public(Regular issues) 
>          Components: documentation
>    Affects Versions: 2.1.x
>            Reporter: Hernan Cunico
>            Assignee: Chi Runhua
>             Fix For: 3.0, 2.2, 2.1.5
>
>
> Provide documentation for the pluggable encryption system for passwords. This feature
has been available since [GERONIMO-2925] but never documented.
> <snip>
> If you want to have a fixed key generated by geronimo you can add this gbean to the rmi-naming
module in config.xml:
> <gbean name="org.apache.geronimo.configs/rmi-naming/2.1-SNAPSHOT/car?name=ConfiguredEncryption,j2eeType=GBean"
gbeanInfo="org.apache.geronimo.system.util.ConfiguredEncryption">
> <attribute name="path">var/security/ConfiguredSecretKey.ser</attribute>
> <reference name="ServerInfo"><pattern><name>ServerInfo</name></pattern></reference>
> </gbean>
> This will create a key the first time its started, after that it will keep using the
saved key at the location specified. If you put a serialized SecretKeySpec there it will use
it instead.
> Of course using something like this leaves your system open to the key file changing
or disappearing and losing all the saved password info.
> </snip>

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message