shindig-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "jiraposter@reviews.apache.org (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SHINDIG-1636) Create a KeyProvider to provide an encryption key to the SecurityToken workflow
Date Fri, 21 Oct 2011 16:22:34 GMT

    [ https://issues.apache.org/jira/browse/SHINDIG-1636?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13132790#comment-13132790
] 

jiraposter@reviews.apache.org commented on SHINDIG-1636:
--------------------------------------------------------


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/2362/
-----------------------------------------------------------

(Updated 2011-10-21 16:23:00.455060)


Review request for Ryan Baxter, Dan Dumont and Jesse Ciancetta.


Changes
-------

Merged in Dan's security token refactoring.  Updated JUnits and everything passes.


Summary
-------

Currently, org.apache.shindig.auth.BlobCrypterSecurityTokenCodec.loadContainers(ContainerConfig,
Collection<String>, Map<String, BlobCrypter>, Map<String, String>) reads
an encryption key from a keyfile to instantiate the BlobCrypter. The keyfile is defined in
the container.js. An improvement to this behavior would be to provide an injectable KeyProvider
class that can return the key. This would allow the key to reside anywhere instead of in a
static keyfile. 

Initial review to Dan, Ryan, and Jesse.  Once we've decided that this seems like a rational
approach, I'll add the dev list.


This addresses bug SHINDIG-1636.
    https://issues.apache.org/jira/browse/SHINDIG-1636


Diffs (updated)
-----

  http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java
1187375 
  http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java
1187375 
  http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java
1187375 
  http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/KeyFileKeyProvider.java
PRE-CREATION 
  http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/KeyProvider.java
PRE-CREATION 
  http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java
1187375 
  http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/DefaultSecurityTokenCodecTest.java
1187375 
  http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/KeyFileKeyProviderTest.java
PRE-CREATION 

Diff: https://reviews.apache.org/r/2362/diff


Testing
-------

Updated and ran existing JUnits.  
Created new JUnits for the new KeyFileKeyProvider.  
Performed manual functional tests with encrypted security tokens in the sample common container.


Thanks,

Stanton


                
> Create a KeyProvider to provide an encryption key to the SecurityToken workflow
> -------------------------------------------------------------------------------
>
>                 Key: SHINDIG-1636
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-1636
>             Project: Shindig
>          Issue Type: Improvement
>          Components: Java
>            Reporter: Stanton Sievers
>   Original Estimate: 48h
>  Remaining Estimate: 48h
>
> Currently, org.apache.shindig.auth.BlobCrypterSecurityTokenCodec.loadContainers(ContainerConfig,
Collection<String>, Map<String, BlobCrypter>, Map<String, String>) reads
an encryption key from a keyfile to instantiate the BlobCrypter.  The keyfile is defined in
the container.js.  An improvement to this behavior would be to provide an injectable KeyProvider
class that can return the key.  This would allow the key to reside anywhere instead of in
a static keyfile.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message