[
https://issues.apache.org/jira/browse/GERONIMO-3003?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12736478#action_12736478
]
David Jencks commented on GERONIMO-3003:
----------------------------------------
I applied my revised patch in rev 798794 before I saw Jac's suggestion. I
think the use case there is a good idea, and I don't see a better way to
implement it. I wish we didn't have to rely on encrypt and decrupt being
idempotent.
If no one gets there first I'll apply jack's suggestion in the morning.
> Encrypt password strings in deployment plans
> --------------------------------------------
>
> Key: GERONIMO-3003
> URL: https://issues.apache.org/jira/browse/GERONIMO-3003
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: deployment
> Affects Versions: Wish List
> Reporter: Aman Nanner
> Priority: Minor
> Fix For: Wish List
>
> Attachments: GERONIMO-3003-2.2-2.patch, GERONIMO-3003.patch,
> GERONIMO-3003_21.patch
>
>
> Geronimo currently has a feature where password strings in the config.xml get
> encrypted using the {{org.apache.geronimo.util.EncryptionManager}}. This
> encryption is performed in the
> {{org.apache.geronimo.system.configuration.GBeanOverride}} class.
> It would be desirable to have the same encryption applied to the password
> strings in deployment plans (e.g. datasource or JMS deployment plans within
> an EAR). Even though the plans are only used during the deployment process,
> and not at runtime, the plans are left with plaintext password strings
> sitting in them. It would be nice if the deployment process could internally
> encrypt the strings and then write back out the deployment plan to the file
> system. Also, this means that the deployment process will require the
> ability to decrypt strings that are already in encrypted format in the plan
> (in the case of redeployment, for example).
> More discussion of this feature can be found in the following mailing list
> thread:
> http://www.mail-archive.com/[email protected]/msg05859.html
> I would suggest that an appropriate spot to perform the encryption is in the
> {{org.apache.geronimo.j2ee.deployment.EARConfigBuilder}} class, perhaps in
> the following code just before the file is written to a temporary file:
> ----
> if (gerModule.isSetAltDd()) {
> // the the url of the alt dd
> try {
> altVendorDDs.put(path,
> DeploymentUtil.toTempFile(earFile, gerModule.getAltDd().getStringValue()));
> } catch (IOException e) {
> throw new DeploymentException("Invalid alt vendor
> dd url: " + gerModule.getAltDd().getStringValue(), e);
> }
> ----
> However, somebody more familiar with the design might be able to suggest a
> better solution.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
