Return-Path: X-Original-To: apmail-geronimo-dev-archive@www.apache.org Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 1CA89D0CA for ; Fri, 14 Sep 2012 04:01:22 +0000 (UTC) Received: (qmail 17738 invoked by uid 500); 14 Sep 2012 04:01:20 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 17227 invoked by uid 500); 14 Sep 2012 04:01:14 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 17174 invoked by uid 99); 14 Sep 2012 04:01:13 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 14 Sep 2012 04:01:13 +0000 X-ASF-Spam-Status: No, hits=2.2 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_NONE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: local policy) Received: from [98.136.44.56] (HELO smtp101.prem.mail.sp1.yahoo.com) (98.136.44.56) by apache.org (qpsmtpd/0.29) with SMTP; Fri, 14 Sep 2012 04:01:06 +0000 Received: (qmail 9976 invoked from network); 14 Sep 2012 04:00:46 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=DKIM-Signature:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:Received:From:Mime-Version:Content-Type:Subject:Date:In-Reply-To:To:References:Message-Id:X-Mailer; b=zBqtPPdsfbVDwCbqI8q4FDYe9YkbReuotqUpurUuNXpoaFzhD7PJmtkbrRaAO+JkSJjaYrUdjS/mS+71GL2DYf0bXVoif0EWyRA5/N1wdDoxRiE1oBYw64vZHQtKRKW9udUDpvIYPUwfCa9/bNkF2Ej7WeVi5Gt+KQ03hx06tfc= ; DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1347595246; bh=mQSp0vfDyM7mUWwLFAj1XkN5uO5Y7JSGkjMOfvHBSBw=; h=X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:Received:From:Mime-Version:Content-Type:Subject:Date:In-Reply-To:To:References:Message-Id:X-Mailer; b=Zrm5xJkzOLH3Ns9DkwhP8n1Brk4uDl3ZPgAeFb8vl4Z/LqTu+l93HBzCJfpyDFXonAS0dwLPa1rpu9JTfrSeYrocmiLhC6U6e3wJhIWLA5WDilqbmlwtVndopWi35j5ayvBMfYE52hWoD6NTetwKZUgLqXFdGKEFIYIx4vUVwDY= X-Yahoo-Newman-Property: ymail-3 X-YMail-OSG: rqgJOIwVM1lx6SPN_PlGvMIg.mgU1mTRst_yCHbTUJgRPhk zSTnoRd2vYfeCVbX1lZUmA.E5NA6ZAOk0Wq6E5CXLGbVo5CrjNgCfuXc5pNL w39BCNi1jSEPNbOtccuvVxEwqTxOCo2laeDhTRhSpwoGaokihAnO_upOt_ZW ZFVZq0qhNGr4xDWrgNr1BnZAW0K3aB5syyk5Lx69bYmxP2fhoffkUL2JGfD_ s5ydlLApYvotOhGai.9.eqsECYEEEJIYMt34HgOMhaBBCUwMmffyZKPlH3ak bH_abh6i8HLpKZ7LC42ZSogFDgP3Wojc9fC0Tm6Fs22gRa0bfjACHJoQq4Ig THTv4w0rs3KYedApaWyrgitgSfbbJc3c58UScTH7K4kbRGPnl39d1gGYUhlp 0v8dUd.f2joAxdgfdKnlE1bUl0m9p4hVIOEt6ipCsBvuacTunXNpqC4gG.US 9b24ZJqiVc.qWDpAIDJU74hFT5W9m7QvRzB7NcYiabM2fAasiAIDD81E3oUg nWDyCnyS3qY0BPgbwr36Obf4jZ.WhhxPh X-Yahoo-SMTP: .9oIUzyswBANsYgUm_5uPui0skTnzGJXJQ-- Received: from [10.0.1.12] (david_jencks@98.246.196.64 with plain) by smtp101.prem.mail.sp1.yahoo.com with SMTP; 13 Sep 2012 21:00:45 -0700 PDT From: David Jencks Mime-Version: 1.0 (Apple Message framework v1084) Content-Type: multipart/alternative; boundary=Apple-Mail-33--79142240 Subject: Re: How to create a ConfiguredSecretKey.ser for Obscuring Passwords feature Date: Thu, 13 Sep 2012 21:00:45 -0700 In-Reply-To: To: dev@geronimo.apache.org References: Message-Id: <766BE8E3-2555-488A-AB98-2D3EE611464F@yahoo.com> X-Mailer: Apple Mail (2.1084) X-Virus-Checked: Checked by ClamAV on apache.org --Apple-Mail-33--79142240 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii The instructions you point to recommend setting up the gbean as you have = done and NOT creating a ConfiguredSecretKey.ser file: one will be = created for you on first use based on a secure random number. If you want to supply your own key for some reason, you should look at = the ConfiguredEncryption gbean code to see how the .ser file is = generated and do something similar with your key. hope this helps david jencks On Sep 13, 2012, at 7:53 PM, Zhi Xie wrote: > I want to use the Obscuring Passwords feacture in geronimo 3.0-beta-1 > I follow the doc = https://cwiki.apache.org/GMOxDEV/obscuring-passwords.html=20 > Create a ConfiguredSecretKey.ser file in the var\security directory, = add a ConfiguredEncryption gbean in the config.xml like this. >=20 > = "org.apache.geronimo.framework/rmi-naming/3.0-w20120503/car?ServiceModule=3D= org.apache.geronimo.framework/rmi-naming/3.0-w20120503/car,j2eeType=3DGBea= n,name=3DConfiguredEncryption"> > var/security/ConfiguredSecretKey.ser > > > ServerInfo > > > >=20 > But got an exception below. I think I have make a wrong = ConfiguredSecretKey.ser. Could anybody know how to create a right one. >=20 >=20 > 2012-09-13 14:39:36,322 ERROR [GBeanInstanceState] Error while = starting; GBean is now in the FAILED state: = abstractName=3D"org.apache.geronimo.framework/rmi-naming/3.0-w20120503/car= ?ServiceModule=3Dorg.apache.geronimo.framework/rmi-naming/3.0-w20120503/ca= r,j2eeType=3DGBean,name=3DConfiguredEncryption" > java.io.StreamCorruptedException: invalid stream header: FEEDFEED > at = java.io.ObjectInputStream.readStreamHeader(ObjectInputStream.java:786) > at java.io.ObjectInputStream.(ObjectInputStream.java:283) > at = org.apache.geronimo.crypto.ConfiguredEncryption.(ConfiguredEncryptio= n.java:51) > at = org.apache.geronimo.system.util.ConfiguredEncryption.(ConfiguredEncr= yption.java:53) > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native = Method) > at = sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAcc= essorImpl.java:44) > at = sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstr= uctorAccessorImpl.java:27) > at = java.lang.reflect.Constructor.newInstance(Constructor.java:516) > at = org.apache.xbean.recipe.ReflectionUtil$ConstructorFactory.create(Reflectio= nUtil.java:958) > at = org.apache.xbean.recipe.ObjectRecipe.internalCreate(ObjectRecipe.java:276)= > at = org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:96) > at = org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:61) > at = org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(GBeanInstan= ce.java:958) > at = org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBea= nInstanceState.java:271) > at = org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceSt= ate.java:105) > at = org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanI= nstanceState.java:127) > at = org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstan= ce.java:569) > at = org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKern= el.java:386) > at = org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBea= ns(ConfigurationUtil.java:466) > at = org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelC= onfigurationManager.java:225) > at = org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfigur= ation(SimpleConfigurationManager.java:710) > at = org.apache.geronimo.system.main.EmbeddedDaemon.doStartup(EmbeddedDaemon.ja= va:239) > at = org.apache.geronimo.system.main.EmbeddedDaemon.execute(EmbeddedDaemon.java= :99) > at = org.apache.geronimo.system.osgi.BootActivator$1.execute(BootActivator.java= :107) > at = org.apache.geronimo.main.Bootstrapper.execute(Bootstrapper.java:68) > at = org.apache.geronimo.cli.AbstractCLI.executeMain(AbstractCLI.java:65) > at = org.apache.geronimo.cli.daemon.DaemonCLI.main(DaemonCLI.java:32) >=20 > --=20 > Best Regards > Gary >=20 --Apple-Mail-33--79142240 Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=us-ascii The instructions you point to recommend setting up the gbean as you have done and NOT creating a ConfiguredSecretKey.ser file: one will be created for you on first use based on a secure random number.

If you want to supply your own key for some reason, you should look at the ConfiguredEncryption gbean code to see how the .ser file is generated and do something similar with your key.

hope this helps

david jencks

On Sep 13, 2012, at 7:53 PM, Zhi Xie wrote:

I want to use the Obscuring Passwords feacture in geronimo 3.0-beta-1
Create a ConfiguredSecretKey.ser file in the var\security directory, add a ConfiguredEncryption gbean in the config.xml like this.

"org.apache.geronimo.framework/rmi-naming/3.0-w20120503/car?ServiceModule=org.apache.geronimo.framework/rmi-naming/3.0-w20120503/car,j2eeType=GBean,name=ConfiguredEncryption">
            <attribute name="path">var/security/ConfiguredSecretKey.ser</attribute>
            <reference name="ServerInfo">
                <pattern>
                    <name>ServerInfo</name>
                </pattern>
            </reference>
        </gbean>

But got an exception below. I think I have make a wrong ConfiguredSecretKey.ser. Could anybody know how to create a right one.


2012-09-13 14:39:36,322 ERROR [GBeanInstanceState] Error while starting; GBean is now in the FAILED state: abstractName="org.apache.geronimo.framework/rmi-naming/3.0-w20120503/car?ServiceModule=org.apache.geronimo.framework/rmi-naming/3.0-w20120503/car,j2eeType=GBean,name=ConfiguredEncryption"
java.io.StreamCorruptedException: invalid stream header: FEEDFEED
at java.io.ObjectInputStream.readStreamHeader(ObjectInputStream.java:786)
at java.io.ObjectInputStream.<init>(ObjectInputStream.java:283)
at org.apache.geronimo.crypto.ConfiguredEncryption.<init>(ConfiguredEncryption.java:51)
at org.apache.geronimo.system.util.ConfiguredEncryption.<init>(ConfiguredEncryption.java:53)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:44)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:516)
at org.apache.xbean.recipe.ReflectionUtil$ConstructorFactory.create(ReflectionUtil.java:958)
at org.apache.xbean.recipe.ObjectRecipe.internalCreate(ObjectRecipe.java:276)
at org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:96)
at org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:61)
at org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(GBeanInstance.java:958)
at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:271)
at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:105)
at org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:127)
at org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:569)
at org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java:386)
at org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(ConfigurationUtil.java:466)
at org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelConfigurationManager.java:225)
at org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:710)
at org.apache.geronimo.system.main.EmbeddedDaemon.doStartup(EmbeddedDaemon.java:239)
at org.apache.geronimo.system.main.EmbeddedDaemon.execute(EmbeddedDaemon.java:99)
at org.apache.geronimo.system.osgi.BootActivator$1.execute(BootActivator.java:107)
at org.apache.geronimo.main.Bootstrapper.execute(Bootstrapper.java:68)
at org.apache.geronimo.cli.AbstractCLI.executeMain(AbstractCLI.java:65)
at org.apache.geronimo.cli.daemon.DaemonCLI.main(DaemonCLI.java:32)

--
Best Regards
Gary


--Apple-Mail-33--79142240--