synapse-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hiranya Jayathilaka <hiranya...@gmail.com>
Subject Re: Configuring user names and passwords in Synpase
Date Tue, 27 Jul 2010 15:45:06 GMT
Hi Charith,

On Tue, Jul 27, 2010 at 4:15 PM, Charith Wickramarachchi <
charith.dhanushka@gmail.com> wrote:

> Hi,
>
> While implementing the JMS based Message store i got a requirement to give
> some parameters to the Message store for the authentication.
> But if i use the Message store configuration element and make user enable
> to put usernames and passwords there those values will be visible
> in the configuration.
>

This is not something new. Some of the existing mediators also suffer from
the same limitation. For an example take a look at dblookup [1] and dbreport
[2] mediators. They require the user to put database credentials in the
synapse.xml. However, in a typical production deployment, only system admins
will have access to the synapse.xml. Hence it can be considered ok most of
the time.


>
> Is there a more convenient  way in synapse to keep the secret values ? It
> will be great to have some pointers where it has been used.
>

The new secure vault feature, implemented by Indika, enables the user to
keep the authentication details completely hidden. This feature is now
available in the trunk. Indika should be able to shed some light on the
subject.

Thanks,
Hiranya

[1] - http://synapse.apache.org/Synapse_Samples.html#Sample360
[2] - http://synapse.apache.org/Synapse_Samples.html#Sample361


>
> thanks,
> Charith.
>
> --
> Charith Dhanushka Wickramarachchi
> http://charithwiki.blogspot.com/
>
>


-- 
Hiranya Jayathilaka
Senior Software Engineer;
WSO2 Inc.;  http://wso2.org
E-mail: hiranya@wso2.com;  Mobile: +94 77 633 3491
Blog: http://techfeast-hiranya.blogspot.com

Mime
View raw message