jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paco Avila <pav...@git.es>
Subject Re: it is possible to encrypt the document in the repository?
Date Wed, 11 Jun 2008 13:39:19 GMT
El mié, 11-06-2008 a las 16:15 +0300, Jukka Zitting escribió:
> Hi,
> 
> On Wed, Jun 11, 2008 at 1:46 PM, Paco Avila <pavila@git.es> wrote:
> > I want to ecnrypt the documents stored in the jackrabbit repository but
> > i have a big problem: if I store an encrypted stream, the text
> > extractors will fail to extract info from this encrypted stream. So, how
> > can I store these encrypted documents and get indexed?
> 
> Store unencrypted copies of the documents in the repository.

Yeah, but the problem is the same :)

> What's the reason for storing the documents encrypted? If it's
> security-related, note that even if users wouldn't have direct access
> to the underlying index files, they'd still be able to deduce much of
> the document contents by carefully crafted queries against the
> repository. For example
> /jcr:root/path/to/document[jcr:contains(.,'foo')] tells if a document
> contains "foo".

Ok, but he can't deduce the whole document using this approach. The
problem is when an user access the server and can view the filesystem,
and the documents are stored on it. If I encrypt these documents in the
repository, no one can read the files out of jackrabbit.

> If you still want to do this, one alternative would of course be to
> write a custom text extractor that knows how to decrypt the documents
> before passing them to the normal text extractors.

Thanks, I was thinking to implement something like this.

-- 
Paco Avila <pavila@git.es>
GIT Consultors


Mime
View raw message