[ https://issues.apache.org/jira/browse/GERONIMO-4176?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chi Runhua reassigned GERONIMO-4176: ------------------------------------ Assignee: Chi Runhua (was: Hernan Cunico) > Documentation - Security - pluggable encryption system/custom keys > ------------------------------------------------------------------ > > Key: GERONIMO-4176 > URL: https://issues.apache.org/jira/browse/GERONIMO-4176 > Project: Geronimo > Issue Type: Task > Security Level: public(Regular issues) > Components: documentation > Affects Versions: 2.1.x > Reporter: Hernan Cunico > Assignee: Chi Runhua > > Provide documentation for the pluggable encryption system for passwords. This > feature has been available since [GERONIMO-2925] but never documented. > <snip> > If you want to have a fixed key generated by geronimo you can add this gbean > to the rmi-naming module in config.xml: > <gbean > name="org.apache.geronimo.configs/rmi-naming/2.1-SNAPSHOT/car?name=ConfiguredEncryption,j2eeType=GBean" > gbeanInfo="org.apache.geronimo.system.util.ConfiguredEncryption"> > <attribute name="path">var/security/ConfiguredSecretKey.ser</attribute> > <reference > name="ServerInfo"><pattern><name>ServerInfo</name></pattern></reference> > </gbean> > This will create a key the first time its started, after that it will keep > using the saved key at the location specified. If you put a serialized > SecretKeySpec there it will use it instead. > Of course using something like this leaves your system open to the key file > changing or disappearing and losing all the saved password info. > </snip> -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.