karaf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Łukasz Dywicki <l...@code-house.org>
Subject Re: Encryption of passwords
Date Thu, 05 Jan 2012 00:21:58 GMT
Hey Matt,
Sorry for initial missunderstanding of your idea. So far there is no support for crypted values
in config admin. EncryptionService is general purpose tool. You can use it to de-crypt values
from configuration admin or somewhere in your application.
If you're looking for something to crypt passwords used by Camel take look for camel-jaspyt
integration: http://camel.apache.org/jasypt.html

Best regards,
Łukasz Dywicki
--
Code-House
http://code-house.org

Wiadomość napisana przez Bengt Rodehav w dniu 2012-01-04, o godz. 23:42:

> Thanks for you suggestion Lukasz but I already read that part.
> 
> Looking at it again, it seems like encryption is only supported in JAAS configurations.
I was hoping that it could be used in any configuration file managed by config admin (or rather
fileinstall). E g we configure a lot of camel routes using e g ftp. In that case we need to
configure the route with the correct user and password. We currently do that using config
admin. I was hoping that Karaf's encryption support could make the passwords in those configuration
files encrypted. They would of course have to be decrypted before the config admin feeds a
service with the configuration.
> 
> Did I completely misunderstand the encryption service?
> 
> /Bengt
> 
> 2012/1/4 Łukasz Dywicki <luke@code-house.org>
> Please reffer the documentation:
> 
> http://karaf.apache.org/manual/latest-2.2.x/developers-guide/security-framework.html#Encryptionservice
> 
> For stronger security use a Jaspyt.
> 
> Łukasz Dywicki
> --
> Code-House
> http://code-house.org
> 
> Wiadomość napisana przez Bengt Rodehav w dniu 2012-01-04, o godz. 21:22:
> 
>> I've seen that Karaf provides an encryption service but I haven't figured out how
to use it.
>> 
>> In our case we sometimes have to store passwords in configuration files. Can the
encryption service be used to encrypt them and then decrypt them when configuration admin
passes a configuration to a service? If so, how do I accomplish this?
>> 
>> /Bengt
> 
> 
> 
> 
> 


Mime
View raw message