incubator-jspwiki-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Janne Jalkanen (JIRA)" <j...@apache.org>
Subject [jira] Commented: (JSPWIKI-205) Obfuscate on disk content type
Date Fri, 07 Mar 2008 22:37:46 GMT

    [ https://issues.apache.org/jira/browse/JSPWIKI-205?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12576423#action_12576423
] 

Janne Jalkanen commented on JSPWIKI-205:
----------------------------------------

Um.  Wouldn't something like LDAP suit you better?  Storing passwords in wikipages sounds
very, very hazardous to me.  Typically, passwords are not encrypted but hashed in such a way
that they cannot be converted to plaintext anymore.

However, if you do need encrypted storage, it would be relatively trivial to make your own
EncryptedFileProvider by just simply adding encryption onto one of the existing providers.
 But I don't see much use for it in the core, frankly.  I don't think it provides any real
security though.

> Obfuscate on disk content type
> ------------------------------
>
>                 Key: JSPWIKI-205
>                 URL: https://issues.apache.org/jira/browse/JSPWIKI-205
>             Project: JSPWiki
>          Issue Type: Improvement
>            Reporter: Chris Lialios
>            Priority: Trivial
>
> We would like to store passwords within the wiki pages. 
> Securing the page is trivial, however the contents on disk remain clear text.
> It would be very nice to have a page type that could be stored in an obfuscated form
on disk. 
> As an addition  have a secondary password to display/edit the encrypted contents on disk
for those who do not want to use wiki security on the page.
> I suspect this will have potentially drastic effects on the revisions process, but it
would be a small price to pay for security.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message