Documentation - Security - pluggable encryption system/custom keys ------------------------------------------------------------------
Key: GERONIMO-4176 URL: https://issues.apache.org/jira/browse/GERONIMO-4176 Project: Geronimo Issue Type: Task Security Level: public (Regular issues) Components: documentation Affects Versions: 2.1.x Reporter: Hernan Cunico Assignee: Hernan Cunico Provide documentation for the pluggable encryption system for passwords. This feature has been available since [GERONIMO-2925] but never documented. <snip> If you want to have a fixed key generated by geronimo you can add this gbean to the rmi-naming module in config.xml: <gbean name="org.apache.geronimo.configs/rmi-naming/2.1-SNAPSHOT/car?name=ConfiguredEncryption,j2eeType=GBean" gbeanInfo="org.apache.geronimo.system.util.ConfiguredEncryption"> <attribute name="path">var/security/ConfiguredSecretKey.ser</attribute> <reference name="ServerInfo"><pattern><name>ServerInfo</name></pattern></reference> </gbean> This will create a key the first time its started, after that it will keep using the saved key at the location specified. If you put a serialized SecretKeySpec there it will use it instead. Of course using something like this leaves your system open to the key file changing or disappearing and losing all the saved password info. </snip> -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.