[
https://issues.apache.org/jira/browse/GERONIMO-4176?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chi Runhua reassigned GERONIMO-4176:
------------------------------------
Assignee: Chi Runhua (was: Hernan Cunico)
> Documentation - Security - pluggable encryption system/custom keys
> ------------------------------------------------------------------
>
> Key: GERONIMO-4176
> URL: https://issues.apache.org/jira/browse/GERONIMO-4176
> Project: Geronimo
> Issue Type: Task
> Security Level: public(Regular issues)
> Components: documentation
> Affects Versions: 2.1.x
> Reporter: Hernan Cunico
> Assignee: Chi Runhua
>
> Provide documentation for the pluggable encryption system for passwords. This
> feature has been available since [GERONIMO-2925] but never documented.
> <snip>
> If you want to have a fixed key generated by geronimo you can add this gbean
> to the rmi-naming module in config.xml:
> <gbean
> name="org.apache.geronimo.configs/rmi-naming/2.1-SNAPSHOT/car?name=ConfiguredEncryption,j2eeType=GBean"
> gbeanInfo="org.apache.geronimo.system.util.ConfiguredEncryption">
> <attribute name="path">var/security/ConfiguredSecretKey.ser</attribute>
> <reference
> name="ServerInfo"><pattern><name>ServerInfo</name></pattern></reference>
> </gbean>
> This will create a key the first time its started, after that it will keep
> using the saved key at the location specified. If you put a serialized
> SecretKeySpec there it will use it instead.
> Of course using something like this leaves your system open to the key file
> changing or disappearing and losing all the saved password info.
> </snip>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
