synapse-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "indika priyantha kumara (JIRA)" <>
Subject [jira] Commented: (SYNAPSE-376) Securing password in the datasource definition
Date Sun, 29 Jun 2008 13:09:45 GMT


indika priyantha kumara commented on SYNAPSE-376:

I initially thought , both trust-store and key-store configurations to keep in the
And '' keep all the cipher texts that will be used in anywhere in the
synapse (not just for datasource - for example , password in dblookp mediator). Now, I feel
both trust-store and key-store configuration also have to be moved to ''
and both password for trust-store and key-store need to be kept on a separate file and after
reading that file (in start up ) , do delete it. Then, passwords for  both trust-store and
key-store are one time. We can also use asking user to give password for both trust-store
and key-store. But , I prefer to keep those in a file and after reading delete it. 


"" file look like

# Common properties

......  # other parameters for truststore configuration (except passwords)

....   # other parameters for keystore configuration (except passwords)



# configuration  per each plaintext


And another one time file (on start up , after reading , do delete it)



> Securing password in the datasource definition 
> -----------------------------------------------
>                 Key: SYNAPSE-376
>                 URL:
>             Project: Synapse
>          Issue Type: Improvement
>            Reporter: indika priyantha kumara
>            Assignee: indika priyantha kumara
>             Fix For: FUTURE
> Currently ,passwords in the datasource definition are in clear text format. (In
Those have to be encrypted. 

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message