Return-Path: Delivered-To: apmail-synapse-dev-archive@www.apache.org Received: (qmail 42160 invoked from network); 29 Jul 2010 04:46:09 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 29 Jul 2010 04:46:09 -0000 Received: (qmail 25834 invoked by uid 500); 29 Jul 2010 04:46:08 -0000 Delivered-To: apmail-synapse-dev-archive@synapse.apache.org Received: (qmail 25659 invoked by uid 500); 29 Jul 2010 04:46:06 -0000 Mailing-List: contact dev-help@synapse.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@synapse.apache.org Delivered-To: mailing list dev@synapse.apache.org Received: (qmail 25652 invoked by uid 99); 29 Jul 2010 04:46:05 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 29 Jul 2010 04:46:05 +0000 X-ASF-Spam-Status: No, hits=4.7 required=10.0 tests=FREEMAIL_FROM,FREEMAIL_REPLY,HTML_MESSAGE,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of ruwan.linton@gmail.com designates 209.85.161.170 as permitted sender) Received: from [209.85.161.170] (HELO mail-gx0-f170.google.com) (209.85.161.170) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 29 Jul 2010 04:46:01 +0000 Received: by gxk25 with SMTP id 25so173537gxk.15 for ; Wed, 28 Jul 2010 21:45:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=TQNCHn1yOy9phz3/bKUh8ZuEbMSYpCwwqtxiVTcd50Q=; b=Iwq5pEX2wQGiGjhuB4Z0Os1bVLfw5VtNze/K9opqmLrsS0HZ46atjMzTWvJx8ofkZr YeDGhHg9DbNC/UGieocE3mYnJ6h7ZM9Gx+T7YtJ2MTjCvAywAfh/rl4ic3ODWtvjD6dv DtVn3+3u6ZWnMRubgJ1aZMe6q914vJnbzXAKI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=PF2wGIDwsnEWPni3OuTOggsZP0DdVFThcA0wesbVpnoTul68g6Q8XAvPeXFaqJwsbQ Ol/1GCUyi6UEZKUSWVdtDDN04JDt4SoXAvPC8yYevs73i9qFPUFYsQOaN8OKPigrebEQ 5Nd4O707VUf9QXFbWS4F9uA2iJV1ANWGmciJQ= MIME-Version: 1.0 Received: by 10.151.21.2 with SMTP id y2mr417040ybi.175.1280378740387; Wed, 28 Jul 2010 21:45:40 -0700 (PDT) Received: by 10.229.248.138 with HTTP; Wed, 28 Jul 2010 21:45:40 -0700 (PDT) In-Reply-To: References: Date: Thu, 29 Jul 2010 10:15:40 +0530 Message-ID: Subject: Re: Configuring user names and passwords in Synpase From: Ruwan Linton To: dev@synapse.apache.org Content-Type: multipart/alternative; boundary=000e0cd250b0ffaffa048c7f674f --000e0cd250b0ffaffa048c7f674f Content-Type: text/plain; charset=ISO-8859-1 +1 Ruwan On Thu, Jul 29, 2010 at 9:51 AM, Charith Wickramarachchi < charith.dhanushka@gmail.com> wrote: > Thanks for the feed back. then i'll go with the approach were user name , > password parameters are visible > and later if a requirement comes i'll change it to use the secure vault > feature. > > On Tue, Jul 27, 2010 at 9:15 PM, Hiranya Jayathilaka > wrote: > >> Hi Charith, >> >> On Tue, Jul 27, 2010 at 4:15 PM, Charith Wickramarachchi < >> charith.dhanushka@gmail.com> wrote: >> >>> Hi, >>> >>> While implementing the JMS based Message store i got a requirement to >>> give some parameters to the Message store for the authentication. >>> But if i use the Message store configuration element and make user enable >>> to put usernames and passwords there those values will be visible >>> in the configuration. >>> >> >> This is not something new. Some of the existing mediators also suffer from >> the same limitation. For an example take a look at dblookup [1] and dbreport >> [2] mediators. They require the user to put database credentials in the >> synapse.xml. However, in a typical production deployment, only system admins >> will have access to the synapse.xml. Hence it can be considered ok most of >> the time. >> >> >>> >>> Is there a more convenient way in synapse to keep the secret values ? It >>> will be great to have some pointers where it has been used. >>> >> >> The new secure vault feature, implemented by Indika, enables the user to >> keep the authentication details completely hidden. This feature is now >> available in the trunk. Indika should be able to shed some light on the >> subject. >> >> Thanks, >> Hiranya >> >> [1] - http://synapse.apache.org/Synapse_Samples.html#Sample360 >> [2] - http://synapse.apache.org/Synapse_Samples.html#Sample361 >> >> >>> >>> thanks, >>> Charith. >>> >>> -- >>> Charith Dhanushka Wickramarachchi >>> http://charithwiki.blogspot.com/ >>> >>> >> >> >> -- >> Hiranya Jayathilaka >> Senior Software Engineer; >> >> WSO2 Inc.; http://wso2.org >> E-mail: hiranya@wso2.com; Mobile: +94 77 633 3491 >> Blog: http://techfeast-hiranya.blogspot.com >> > > > > -- > Charith Dhanushka Wickramarachchi > http://charithwiki.blogspot.com/ > > -- Ruwan Linton Software Architect & Product Manager, WSO2 ESB; http://wso2.org/esb WSO2 Inc.; http://wso2.org Lean . Enterprise . Middleware phone: +1 408 754 7388 ext 51789 email: ruwan@wso2.com; cell: +94 77 341 3097 blog: http://blog.ruwan.org linkedin: http://www.linkedin.com/in/ruwanlinton google: http://www.google.com/profiles/ruwan.linton tweet: http://twitter.com/ruwanlinton --000e0cd250b0ffaffa048c7f674f Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable +1

Ruwan

On Thu, Jul 29, 2010 at 9= :51 AM, Charith Wickramarachchi <charith.dhanushka@gmail.com> wrote:=
Thanks for the fe= ed back. then i'll go with the=A0approach=A0were =A0user name , passwor= d=A0parameters=A0are visible=A0
and later if a=A0requirement=A0comes i'll change it to use the secure v= ault feature.

On Tue, Jul 27, 2010 at 9:15 PM, Hiranya Jayathilaka <= hiranya911@gmail.= com> wrote:
Hi Charith,

On Tue, Jul 27, 2010 at = 4:15 PM, Charith Wickramarachchi <charith.dhanushka@gmail.com> wrote:
=A0

Is there a more=A0convenient=A0=A0way in synapse to keep t= he secret values ? It will be great to have some pointers where it has been= used.


Thanks,
Hiranya
=A0

thanks,
Charith.

--
Charith Dhanushka Wickramarachchi
http://charithwik= i.blogspot.com/




--
Hiranya Jayathila= ka
Senior Software Engineer;

WSO2 Inc.;=A0 http://wso2.org
E-mail: hiranya@wso2.com;=A0 Mobile: += 94 77 633 3491
Blog: h= ttp://techfeast-hiranya.blogspot.com



--
Charith Dhanushka Wickr= amarachchi
http://charithwiki.blogspot.com/




--
Ruwan Linto= n
Software Architect & Product Manager, WSO2 ESB; http://wso2.org/esb
WSO2 Inc.; http://wso2.org

Lean . Enterprise . Middleware

phone: +1 408 754 7388 ext 51789<= br>email: ruwan@wso2.co= m; cell: +94 77 341 3097
blog: http://blog.ruwan.org
linkedin: http://www.linkedin.com/in/ruwanlinton
google: http://www.google.= com/profiles/ruwan.linton
tweet: http://= twitter.com/ruwanlinton
--000e0cd250b0ffaffa048c7f674f--