Just reread the page for jBCrypt; unfortunately it is probably not what you need. It is used to generate hashes, then evaluate plaintext values against that hash.
This may be more helpful: http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html http://forum.java.sun.com/thread.jspa?threadID=5189694&messageID=9742327 Axton Grams On 7/14/07, Jarl Grøneng <[EMAIL PROTECTED]> wrote:
Its specified in the arsystem script. Does not know if its avaible on platforms other than Solaris. The plugin will be written in Java, will wait for version 7.1. Thanks for the links. -- Jarl On 7/14/07, Axton <[EMAIL PROTECTED]> wrote: > Where is ARCONFDIR specificed? In the arsystem script? Is it > available on all platforms? > > Blowfish is a very commonly available encryption scheme that can be > used to store encrypted and decrypt value. What language are you > using to write the plugin? C or java? > > For java: > http://mindrot.org/projects/jBCrypt/ > > For c: > http://bcrypt.sourceforge.net/ > > Both are available under the bsd license. > > Thanks, > Axton > > On 7/14/07, Jarl Grøneng <[EMAIL PROTECTED]> wrote: > > It would be much easier to be able to use the "Remedy Application > > Service" account. The only information I need is admin account and > > password since the plugin gonna access users logged into the system. > > > > I think its better to use the ARONFDIR var, since the plugin gets > > startet from the plugin daemon and the server can be startet by > > init.d. > > > > The need of encryption is because of customer requirement > > > > Thanks, > > > > -- > > Jarl > > > > On 7/14/07, Axton <[EMAIL PROTECTED]> wrote: > > > I've toyed with this a bit. > > > > > > I am working on an ardbc plugin that uses its own configuration file. > > > The config file is parsed using yacc. Some pointers on using your own > > > config file: > > > > > > - the cwd of arplugind is the bin directory, therefore, files in the > > > conf directory can be accessed using "../conf/myplugin.conf". > > > #define ARDBCSQL_CONFIG_FILE "../conf/ardbcsql.conf" > > > > > > - ARPluginInitialization is the place to load the config file > > > > > > - If you plan on making the source available, I really don't see why > > > encryption is necessary. File based permissions are a better > > > approach. Encryption would be good if you could use some type of user > > > provided value as part of the encryption scheme, but then the people > > > using the program have to keep that secret value somewhere safe. > > > > > > - I've toyed with using the 'Remedy Application Service' account for > > > similar things, but I'm missing something with this account. > > > > > > - Depending on the complexity and number of the configuration values > > > you require, you may not want to use ar.conf. For example, the thing > > > I've been toying with parses a config file that looks like this: > > > > > > arserver: arsdev > > > username: Demo > > > password: "" > > > tcpport: 4050 > > > rpcprog: 0 > > > table "User:LicenseCount" > > > { > > > form: User > > > groupby: 108, 109 > > > aggregate "distinct_users" { > > > field: 101 > > > function: COUNT, DISTINCT > > > } > > > aggregate "distinct_emails" > > > { > > > field: 108 > > > function: COUNT > > > function: DISTINCT > > > } > > > } > > > > > > This isn't something you would want to stick in ar.conf. It all > > > depends on what you plan to do. > > > > > > Axton Grams > > > > > > On 7/13/07, Jarl Grøneng <[EMAIL PROTECTED]> wrote: > > > > Hi, > > > > > > > > I need to use an admin account in a plugin(ARDBC/ARF) I develop. > > > > I could use a configuration file, ar.conf file? Still need to encrypt > > > > the password... > > > > > > > > Any ideas? > > > > > > > > Regards, > > > > Jarl > > > > > > > > _______________________________________________________________________________ > > > > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are" > > > > > > > > > > _______________________________________________________________________________ > > > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are" > > > > > > > _______________________________________________________________________________ > > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are" > > > > _______________________________________________________________________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are" > _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
_______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
