[ http://issues.apache.org/jira/browse/GERONIMO-411?page=comments#action_12455584 ] Vamsavardhana Reddy commented on GERONIMO-411: ----------------------------------------------
Now that PropertiesFileLoginModule and SQLLoginModule support a "digest" option (See GERONIMO-1880), is this Hash Password Rewrite feature required? > Add Hash Password Rewrite to File Realm > --------------------------------------- > > Key: GERONIMO-411 > URL: http://issues.apache.org/jira/browse/GERONIMO-411 > Project: Geronimo > Issue Type: Improvement > Components: security > Affects Versions: 1.0-M2 > Reporter: Aaron Mulder > Priority: Minor > Fix For: Wish List > > > It would be nice if the properties file realm could rewrite your properties > file with hashed passwords when it reads it. We would need to be able to > recognize hashed vs. unhashed entries and perhaps even different algorithms. > Perhaps it could go like this: > user1=plaintext > user2=MD5{...} > user3=SHA1{...} > Anyway, the idea is that this could be a reasonably secure alternative, but > you still wouldn't need to manually hash things to add or update entries -- > just put a plain text entry in and the next time the server reads the file it > would hash it for you. > I guess we'd need to synchronize on the hash operation to avoid threading > problems if multiple apps or whatever use the same properties file, but it > shouldn't be bad if we only rewrite the file if we find any plain text > entries. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
