[ http://issues.apache.org/jira/browse/GERONIMO-411?page=all ]
Aaron Mulder updated GERONIMO-411:
----------------------------------
Assign To: (was: Aaron Mulder)
> Add Hash Password Rewrite to File Realm
> ---------------------------------------
>
> Key: GERONIMO-411
> URL: http://issues.apache.org/jira/browse/GERONIMO-411
> Project: Geronimo
> Type: Improvement
> Components: security
> Versions: 1.0-M2
> Reporter: Aaron Mulder
> Priority: Minor
> Fix For: 1.2
>
> It would be nice if the properties file realm could rewrite your properties
> file with hashed passwords when it reads it. We would need to be able to
> recognize hashed vs. unhashed entries and perhaps even different algorithms.
> Perhaps it could go like this:
> user1=plaintext
> user2=MD5{...}
> user3=SHA1{...}
> Anyway, the idea is that this could be a reasonably secure alternative, but
> you still wouldn't need to manually hash things to add or update entries --
> just put a plain text entry in and the next time the server reads the file it
> would hash it for you.
> I guess we'd need to synchronize on the hash operation to avoid threading
> problems if multiple apps or whatever use the same properties file, but it
> shouldn't be bad if we only rewrite the file if we find any plain text
> entries.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
