+1 Also we need to avoid keystores been configured in different places. Like datasources - we need to have key stores configured in a single place and reference those from other places..
Thanks & regards, -Prabath On Sat, Jun 22, 2013 at 3:05 PM, Amila Suriarachchi <[email protected]> wrote: > hi, > > After reading some tomcat codes I found we can set the keystore password > by overriding the setkeystorepass method in Http1NioProtocol class. > > package org.wso2.carbon.tomcat.ext.transport; > > import org.apache.coyote.http11.Http11NioProtocol; > > public class CarbonHttp1NioProtocol extends Http11NioProtocol { > > @Override > public void setKeystorePass(String s) { > System.out.println("setting the key store pass "); > super.setKeystorePass("wso2carbon"); > } > } > > Now we can set our class at the tomcat connector level. > > <Connector > protocol="org.wso2.carbon.tomcat.ext.transport.CarbonHttp1NioProtocol" > port="9443" > bindOnInit="false" > sslProtocol="TLS" > maxHttpHeaderSize="8192" > acceptorThreadCount="2" > maxThreads="250" > minSpareThreads="50" > disableUploadTimeout="false" > enableLookups="false" > connectionUploadTimeout="120000" > maxKeepAliveRequests="200" > acceptCount="200" > server="WSO2 Carbon Server" > clientAuth="false" > compression="on" > scheme="https" > secure="true" > SSLEnabled="true" > compressionMinSize="2048" > noCompressionUserAgents="gozilla, traviata" > > compressableMimeType="text/html,text/javascript,application/x-javascript,application/javascript,application/xml,text/css,application/xslt+xml,text/xsl,image/gif,image/jpg,image/jpeg" > > keystoreFile="${carbon.home}/repository/resources/security/wso2carbon.jks" > keystorePass="carbon1" > URIEncoding="UTF-8"/> > > so what we can do is to read the pass word from the carbon.xml key stores > which is secured at that method and set the correct password instead of > letting users to declare it. Even we can override the keystore location. so > we can remove both those parameters from there and read only from > carbon.xml file. > > WDYT? > > thanks, > Amila. > > > -- > *Amila Suriarachchi* > > Software Architect > WSO2 Inc. ; http://wso2.com > lean . enterprise . middleware > > phone : +94 71 3082805 > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Thanks & Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
