[
https://issues.apache.org/jira/browse/GERONIMO-1716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Donald Woods updated GERONIMO-1716:
-----------------------------------
Attachment: G1716.patch
Updated patch created against server/trunk.
Patch includes additional logging and fixed duplicated code by using
refeshUsers/Groups throughout.
Encryption of user properties file is option, by including the optional
attribute of encrypt=Standard, which has been added to the j2ee-security plan,
so the default users.properties file will now be encrypted on the first server
startup and will encrypt Console added users as they are added or hand added
entries on the next server restart.
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: https://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.0, 1.1, 1.2
> Environment: Any
> Reporter: Donald Woods
> Assigned To: Donald Woods
> Priority: Minor
> Fix For: Wish List
>
> Attachments: G1716.patch
>
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt
> user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the
> SimpleEncryption utility class, just like the deployer, to read/write
> passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated
> to rewrite the users.properties file if it detects unencrypted passwords,
> which will allow users to manually edit the file to update a password and
> then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
